CWE-415

High likelihood

Double Free

Parent: CWE-825 - Expired Pointer Dereference

The product calls free() twice on the same memory address.

786 vulnerabilities with CWE-415
CVE-2020-36223 HIGH
macOS 10.14.0-10.14.5 - Denial of Service via Values Return Filter Control Handling
CVSS 7.5
CVE-2020-36205 MEDIUM
xcb < 2020-12-10 - Use-After-Free in base::Error
CVSS 5.5
CVE-2020-3685 HIGH
Qualcomm APQ8009 - Use-After-Free
CVSS 7.5
CVE-2020-11217 HIGH
Qualcomm PM3003A and related - Use-After-Free in Audio Driver Speaker Protection Parameter Handling
CVSS 7.8
CVE-2020-35891 HIGH
ordnung < 2020-09-03 - Use-After-Free in compact::Vec remove()
CVSS 7.5
CVE-2020-35885 CRITICAL
alpm-rs < 2020-08-20 - Use-After-Free in StrcCtx
CVSS 9.8
CVE-2020-35862 CRITICAL
bitvec < 0.17.4 - Use-After-Free in BitVec to BitBox Conversion
CVSS 9.8
CVE-2020-16590 MEDIUM
GNU Binutils 2.35 - Double Free in BFD Symbol Table Processing
CVSS 5.5
CVE-2020-15710 MEDIUM
PulseAudio - Double Free in Bluez 5 Module
CVSS 5.3
CVE-2020-17019 HIGH
Microsoft Office - Remote Code Execution via Double Free
CVSS 7.8
CVE-2020-16970 HIGH
Azure Sphere < 20.07 - Unauthenticated Remote Code Execution via Double Free
CVSS 8.1
CVE-2020-9747 HIGH
Adobe Animate < 20.5 - Double Free via Crafted .fla File
CVSS 7.8
CVE-2020-1686 HIGH
Juniper Junos OS 18.4-19.4 - Denial of Service via Malformed IPv6 Packet
CVSS 7.5
CVE-2020-27153 HIGH
BlueZ < 5.55 - Double Free in GATT Service Discovery
CVSS 8.6
CVE-2020-25637 MEDIUM
libvirt < 6.8.0 - Double Free in QEMU Domain Network Interface Request
CVSS 6.7
CVE-2020-5988 HIGH
NVIDIA Virtual GPU Manager - Info Disclosure/DoS
CVSS 7.1
CVE-2020-24698 CRITICAL
PowerDNS Authoritative <4.3.0 - RCE
CVSS 9.8
CVE-2020-25773 HIGH
Trend Micro Apex One - Remote Code Execution via Corrupted Configuration File Import
CVSS 7.8
CVE-2020-0392 HIGH
Android - Use-After-Free in SurfaceFlinger
CVSS 7.8
CVE-2020-25559 HIGH
gnuplot 5.5 - Double Free in print_set_output
CVSS 7.8
CVE-2020-24978 CRITICAL
NASM 2.15.04rc3 - Double Free in pp_tokline
CVSS 9.8
CVE-2020-17498 MEDIUM
Wireshark 3.2.0-3.2.5 - Use After Free
CVSS 6.5
CVE-2020-0241 HIGH
Android - Use-After-Free in NuPlayerStreamListener
CVSS 7.8
CVE-2020-16217 HIGH
Advantech WebAccess HMI Designer < 2.1.9.31 - Double Free via Crafted Project File
CVSS 7.8
CVE-2020-1647 CRITICAL
Juniper Junos OS on SRX Series Double Free via ICAP HTTP Message Processing
CVSS 9.8
Details
Vulnerabilities 786
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits