Total
559 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-0397 | 1 Google | 1 Android | 2024-08-03 | 9.8 Critical |
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148 | ||||
CVE-2021-0392 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730 | ||||
CVE-2022-47975 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-03 | 7.5 High |
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability. | ||||
CVE-2022-42915 | 6 Apple, Fedoraproject, Haxx and 3 more | 14 Macos, Fedora, Curl and 11 more | 2024-08-03 | 8.1 High |
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0. | ||||
CVE-2022-40522 | 1 Qualcomm | 108 Csr8811, Csr8811 Firmware, Ipq6000 and 105 more | 2024-08-03 | 8.4 High |
Memory corruption in Linux Networking due to double free while handling a hyp-assign. | ||||
CVE-2022-40515 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8009w and 315 more | 2024-08-03 | 7.3 High |
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. | ||||
CVE-2022-40507 | 1 Qualcomm | 484 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 481 more | 2024-08-03 | 8.4 High |
Memory corruption due to double free in Core while mapping HLOS address to the list. | ||||
CVE-2022-40304 | 4 Apple, Netapp, Redhat and 1 more | 25 Ipados, Iphone Os, Macos and 22 more | 2024-08-03 | 7.8 High |
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. | ||||
CVE-2022-39170 | 2 Fedoraproject, Libdwarf Project | 2 Fedora, Libdwarf | 2024-08-03 | 8.8 High |
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c. | ||||
CVE-2022-39002 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-03 | 9.8 Critical |
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice. | ||||
CVE-2022-36234 | 1 Simplenetwork Project | 1 Simplenetwork | 2024-08-03 | 7.5 High |
SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. | ||||
CVE-2022-36043 | 1 Rizin | 1 Rizin | 2024-08-03 | 7.8 High |
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue. | ||||
CVE-2022-34494 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 5.5 Medium |
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. | ||||
CVE-2022-34495 | 1 Linux | 1 Linux Kernel | 2024-08-03 | 5.5 Medium |
rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free. | ||||
CVE-2022-33227 | 1 Qualcomm | 142 Aqt1000, Aqt1000 Firmware, Csrb31024 and 139 more | 2024-08-03 | 6.7 Medium |
Memory corruption in Linux android due to double free while calling unregister provider after register call. | ||||
CVE-2022-33307 | 1 Qualcomm | 220 Aqt1000, Aqt1000 Firmware, Qam8255p and 217 more | 2024-08-03 | 8.4 High |
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed. | ||||
CVE-2022-33231 | 1 Qualcomm | 438 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 435 more | 2024-08-03 | 9.3 Critical |
Memory corruption due to double free in core while initializing the encryption key. | ||||
CVE-2022-33033 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | ||||
CVE-2022-32614 | 2 Google, Mediatek | 10 Android, M6789, Mt6855 and 7 more | 2024-08-03 | 6.7 Medium |
In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310571; Issue ID: ALPS07310571. | ||||
CVE-2022-31614 | 1 Nvidia | 1 Virtual Gpu | 2024-08-03 | 7 High |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure. |