VYPR

CWE-763

Release of Invalid Pointer or Reference

BaseIncomplete

Description

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

Hierarchy (View 1000)

Parents

CVEs mapped to this weakness (14)

  • CVE-2018-6836CriFeb 8, 2018
    risk 0.64cvss 9.8epss 0.03

    The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2025-13824HigDec 15, 2025
    risk 0.57cvss epss 0.00

    A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become…

  • CVE-2025-25215HigJun 13, 2025
    risk 0.57cvss 8.8epss 0.02

    An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to …

  • CVE-2017-0731HigAug 9, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

  • CVE-2026-9516HigJun 3, 2026
    risk 0.42cvss 7.5epss 0.00

    Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decode_json() advances the input scalar's string pointer past the mark with SvPV_set() and restores it…

  • CVE-2018-25243MedApr 4, 2026
    risk 0.40cvss 6.2epss 0.00

    FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the…

  • CVE-2025-65116MedApr 7, 2026
    risk 0.36cvss 5.5epss 0.00

    Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management…

  • CVE-2020-28941MedNov 19, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line…

  • CVE-2026-47312MedMay 19, 2026
    risk 0.29cvss 5.5epss 0.00

    Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

  • CVE-2007-4367Aug 15, 2007
    risk 0.01cvss epss 0.08

    Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."

  • CVE-2026-22770Jan 20, 2026
    risk 0.00cvss epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly…

  • CVE-2021-21401Mar 23, 2021
    risk 0.00cvss epss 0.02

    Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message type contains an `oneof` field, and the `oneof` directly…

  • CVE-2017-18075HigJan 24, 2018
    risk 0.00cvss 7.8epss 0.00

    crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or…

  • CVE-2015-2695Nov 9, 2015
    risk 0.00cvss epss 0.06

    lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a…