CWE-415— Double Free
719 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-415page 1 of 15
- CVE-2003-0015NONECVSS 0.0EG 0.02003-02-07
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-pro…
- CVE-2003-1048HIGHCVSS 7.8EG 7.82004-07-27
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
- CVE-2004-0642NONECVSS 0.0EG 0.02004-09-28
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary c…
- CVE-2004-0643NONECVSS 0.0EG 0.02004-09-28
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
- CVE-2005-0891HIGHCVSS 7.5EG 7.52005-05-02
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
- CVE-2007-1216NONECVSS 0.0EG 0.02007-04-06
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC librar…
- CVE-2007-4773CRITICALCVSS 9.8EG 9.82020-01-15
Systrace before 1.6.0 has insufficient escape policy enforcement.
- CVE-2008-2944NONECVSS 0.0EG 0.02008-06-30
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when runn…
- CVE-2009-1544HIGHCVSS 8.8EG 8.82009-08-12
Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via…
- CVE-2010-3080NONECVSS 0.0EG 0.02010-09-21
Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an uns…
- CVE-2010-3957HIGHCVSS 7.3EG 7.32010-12-16
Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges…
- CVE-2010-4494NONECVSS 0.0EG 0.02010-12-07
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors relat…
- CVE-2011-1803MEDIUMCVSS 6.5EG 6.52019-11-12
An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element.
- CVE-2011-2335HIGHCVSS 7.5EG 7.52019-11-12
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
- CVE-2011-2821NONECVSS 0.0EG 0.02011-08-29
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
- CVE-2011-2834NONECVSS 0.0EG 0.02011-09-19
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
- CVE-2011-3892NONECVSS 0.0EG 0.02011-11-11
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
- CVE-2014-0301NONECVSS 0.0EG 0.02014-03-12
Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold a…
- CVE-2014-0502HIGHCVSS 8.8EG 9.0⚠ KEV2014-02-21
Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.162…
- CVE-2014-1252NONECVSS 0.0EG 0.02014-01-24
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
- CVE-2014-1767NONECVSS 0.0EG 0.02014-07-08
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wind…
- CVE-2014-4343NONECVSS 0.0EG 0.02014-08-14
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (m…
- CVE-2015-0058NONECVSS 0.0EG 0.02015-02-11
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free…
- CVE-2015-0312NONECVSS 0.0EG 0.02015-01-28
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2015-9165CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and S…
- CVE-2016-8618MEDIUMCVSS 5.3EG 9.82018-07-31
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
- CVE-2016-8619MEDIUMCVSS 5.3EG 9.82018-08-01
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double free.
- CVE-2016-9969HIGHCVSS 7.5EG 7.52019-05-23
In libwebp 0.5.1, there is a double free bug in libwebpmux.
- CVE-2017-13181HIGHCVSS 7.8EG 7.82018-01-12
In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no a…
- CVE-2017-14449HIGHCVSS 7.5EG 8.82018-04-24
A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vu…
- CVE-2017-15330MEDIUMCVSS 5.5EG 5.52018-02-15
The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privil…
- CVE-2017-15826HIGHCVSS 7.8EG 7.82018-03-30
Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.
- CVE-2017-15843HIGHCVSS 7.0EG 7.02018-06-12
Due to a race condition in a bus driver, a double free in msm_bus_floor_vote_context() can potentially occur in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
- CVE-2017-15856HIGHCVSS 7.0EG 7.02018-07-06
Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security pa…
- CVE-2017-17320HIGHCVSS 7.8EG 7.82018-03-20
Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An a…
- CVE-2017-18120HIGHCVSS 7.8EG 7.82018-02-02
A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different …
- CVE-2017-18174CRITICALCVSS 9.8EG 9.82018-02-11
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
- CVE-2017-18201CRITICALCVSS 9.8EG 9.82018-02-26
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
- CVE-2017-18297HIGHCVSS 7.8EG 7.82018-10-23
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.
- CVE-2017-18594HIGHCVSS 7.5EG 7.52019-08-29
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
- CVE-2017-18595HIGHCVSS 7.8EG 7.82019-09-04
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
- CVE-2017-9705HIGHCVSS 7.8EG 7.82018-01-10
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing…
- CVE-2018-0101CRITICALCVSS 10.0EG 10.02018-01-29
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute cod…
- CVE-2018-0102HIGHCVSS 7.4EG 7.42018-01-18
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affe…
- CVE-2018-0160MEDIUMCVSS 6.3EG 6.32018-03-28
A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of …
- CVE-2018-0469MEDIUMCVSS 6.8EG 6.82018-10-05
A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software…
- CVE-2018-1000216HIGHCVSS 8.8EG 8.82018-08-20
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JS…
- CVE-2018-1000222HIGHCVSS 8.8EG 8.82018-08-20
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This…
- CVE-2018-1000877HIGHCVSS 8.8EG 8.82018-12-20
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lz…
- CVE-2018-10902HIGHCVSS 7.8EG 7.82018-08-21
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handl…
Map vulnerabilities like CWE-415 to your infrastructure
EchelonGraph correlates every CVE — across CWE-415 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →