Total
396 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-29933 | 1 Insert Many Project | 1 Insert Many | 2021-04-06 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the insert_many crate through 2021-01-26 for Rust. Elements may be dropped twice if a .next() method panics. | |||||
CVE-2021-29931 | 1 Arenavec Project | 1 Arenavec | 2021-04-06 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop(). | |||||
CVE-2021-29938 | 1 Slice-deque Project | 1 Slice-deque | 2021-04-06 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function. | |||||
CVE-2021-29940 | 1 Through Project | 1 Through | 2021-04-06 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through_and) upon a panic of the map function. | |||||
CVE-2021-29929 | 1 Endian Trait Project | 1 Endian Trait | 2021-04-01 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the endian_trait crate through 2021-01-04 for Rust. A double drop can occur when a user-provided Endian impl panics. | |||||
CVE-2021-0397 | 1 Google | 1 Android | 2021-03-15 | 7.5 HIGH | 9.8 CRITICAL |
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148 | |||||
CVE-2021-0392 | 1 Google | 1 Android | 2021-03-12 | 4.6 MEDIUM | 7.8 HIGH |
In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730 | |||||
CVE-2021-28034 | 1 Stack Dst Project | 1 Stack Dst | 2021-03-05 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | |||||
CVE-2021-28031 | 1 Scratchpad Project | 1 Scratchpad | 2021-03-05 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | |||||
CVE-2021-28028 | 1 Toodee Project | 1 Toodee | 2021-03-05 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | |||||
CVE-2021-26954 | 1 Qwutils Project | 1 Qwutils | 2021-02-16 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop. | |||||
CVE-2021-22303 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2021-02-10 | 4.3 MEDIUM | 3.3 LOW |
There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service. | |||||
CVE-2020-36205 | 1 Xcb Project | 1 Xcb | 2021-02-02 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur. | |||||
CVE-2007-1216 | 3 Canonical, Debian, Mit | 3 Ubuntu Linux, Debian Linux, Kerberos 5 | 2021-02-02 | 9.0 HIGH | N/A |
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding". | |||||
CVE-2004-0643 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2021-02-02 | 4.6 MEDIUM | N/A |
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | |||||
CVE-2004-0642 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2021-02-02 | 7.5 HIGH | N/A |
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | |||||
CVE-2021-25907 | 1 Containers Project | 1 Containers | 2021-02-02 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed. | |||||
CVE-2021-25908 | 1 Fil-ocl Project | 1 Fil-ocl | 2021-02-02 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free. | |||||
CVE-2020-3685 | 1 Qualcomm | 506 Apq8009, Apq8009w, Apq8017 and 503 more | 2021-01-29 | 7.8 HIGH | 7.5 HIGH |
Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11217 | 1 Qualcomm | 193 Pm3003a, Pm4125, Pm6125 and 190 more | 2021-01-29 | 4.6 MEDIUM | 7.8 HIGH |
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile |