Total
396 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-6952 | 1 Gnu | 1 Patch | 2019-04-17 | 5.0 MEDIUM | 7.5 HIGH |
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. | |||||
CVE-2018-11840 | 1 Google | 1 Android | 2019-04-05 | 7.2 HIGH | 7.8 HIGH |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice. | |||||
CVE-2019-6978 | 3 Canonical, Debian, Libgd | 3 Ubuntu Linux, Debian Linux, Libgd | 2019-04-04 | 7.5 HIGH | 9.8 CRITICAL |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. | |||||
CVE-2019-0122 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2019-03-18 | 3.6 LOW | 7.1 HIGH |
Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access. | |||||
CVE-2015-1207 | 2 Debian, Google | 2 Debian Linux, Chrome | 2019-03-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. | |||||
CVE-2014-1767 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2019-02-26 | 7.2 HIGH | N/A |
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." | |||||
CVE-2019-6455 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c. | |||||
CVE-2018-11987 | 1 Google | 1 Android | 2019-01-09 | 4.6 MEDIUM | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic. | |||||
CVE-2018-11918 | 1 Google | 1 Android | 2018-12-21 | 4.6 MEDIUM | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code. | |||||
CVE-2018-11823 | 1 Google | 1 Android | 2018-12-21 | 4.6 MEDIUM | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power module. | |||||
CVE-2017-18174 | 1 Linux | 1 Linux Kernel | 2018-12-21 | 7.5 HIGH | 9.8 CRITICAL |
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free. | |||||
CVE-2018-9356 | 1 Google | 1 Android | 2018-12-14 | 10.0 HIGH | 9.8 CRITICAL |
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74950468. | |||||
CVE-2018-9415 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2018-12-12 | 4.6 MEDIUM | 7.8 HIGH |
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel. | |||||
CVE-2017-18297 | 1 Qualcomm | 14 Sd 425, Sd 425 Firmware, Sd 430 and 11 more | 2018-12-07 | 7.2 HIGH | 7.8 HIGH |
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820. | |||||
CVE-2018-18718 | 2 Debian, Gnome | 2 Debian Linux, Gthumb | 2018-12-07 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer. | |||||
CVE-2018-11982 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2018-11-23 | 8.3 HIGH | 8.8 HIGH |
In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. | |||||
CVE-2015-5203 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 5 Fedora, Jasper, Leap and 2 more | 2018-11-22 | 4.3 MEDIUM | 5.5 MEDIUM |
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. | |||||
CVE-2018-9513 | 1 Google | 1 Android | 2018-11-20 | 7.2 HIGH | 7.8 HIGH |
In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 References: N/A | |||||
CVE-2016-8618 | 1 Haxx | 1 Curl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | |||||
CVE-2018-11276 | 1 Google | 1 Android | 2018-11-09 | 4.6 MEDIUM | 7.8 HIGH |
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe. |