VYPR

CWE-415

Double Free

VariantDraftLikelihood: High

Description

The product calls free() twice on the same memory address.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (275)

page 4 of 14
  • CVE-2026-32074HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32069HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26179HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26163HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2023-53596HigOct 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed. This leads to issues when using bus-less…

  • CVE-2025-39790HigSep 11, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the…

  • CVE-2025-38699HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfad_im_probe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL. Subsequently, during driver…

  • CVE-2025-38079HigJun 18, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in…

  • CVE-2024-53213HigDec 27, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed twice: once implicitly through `usb_free_urb(dev->urb_intr)` with the…

  • CVE-2024-49989HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be freed. Otherwise, a…

  • CVE-2024-49882HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse() the buffer of the extents path In ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been released, otherwise it may be released twice. An example of what triggers this…

  • CVE-2024-36940HigMay 30, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so…

  • CVE-2024-26257HigApr 9, 2024
    risk 0.51cvss 7.8epss 0.01

    Microsoft Excel Remote Code Execution Vulnerability

  • CVE-2023-33161HigJul 11, 2023
    risk 0.51cvss 7.8epss 0.01

    Microsoft Excel Remote Code Execution Vulnerability

  • CVE-2018-9513HigOct 2, 2018
    risk 0.51cvss 7.8epss 0.00

    In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel…

  • CVE-2018-4000HigOct 1, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable double-free vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause a TTableRow instance to be referenced twice, resulting in a double-free vulnerability when both the references go out…

  • CVE-2018-11840HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.

  • CVE-2018-11276HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed…

  • CVE-2018-11273HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, 'voice_svc_dev' is allocated as a device-managed resource. If error 'cdev_alloc_err' occurs, 'device_destroy' will free all associated resources, including 'voice_svc_dev'…

  • CVE-2018-11270HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. This may result in data corruption.