Total
600 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29929 | 1 Endian Trait Project | 1 Endian Trait | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the endian_trait crate through 2021-01-04 for Rust. A double drop can occur when a user-provided Endian impl panics. | |||||
| CVE-2021-29627 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free. | |||||
| CVE-2021-28041 | 4 Fedoraproject, Netapp, Openbsd and 1 more | 11 Fedora, Cloud Backup, Hci Compute Node and 8 more | 2024-11-21 | 4.6 MEDIUM | 7.1 HIGH |
| ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | |||||
| CVE-2021-28034 | 1 Stack Dst Project | 1 Stack Dst | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | |||||
| CVE-2021-28031 | 1 Scratchpad Project | 1 Scratchpad | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | |||||
| CVE-2021-28028 | 1 Toodee Project | 1 Toodee | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | |||||
| CVE-2021-27033 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2021-26954 | 1 Qwutils Project | 1 Qwutils | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop. | |||||
| CVE-2021-25908 | 1 Fil-ocl Project | 1 Fil-ocl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free. | |||||
| CVE-2021-25907 | 1 Containers Project | 1 Containers | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed. | |||||
| CVE-2021-25477 | 2 Google, Mediatek | 4 Android, Mt6762, Mt6765 and 1 more | 2024-11-21 | 4.0 MEDIUM | 4.4 MEDIUM |
| An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service. | |||||
| CVE-2021-23158 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service. | |||||
| CVE-2021-22425 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges. | |||||
| CVE-2021-22386 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges. | |||||
| CVE-2021-22332 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service. | |||||
| CVE-2021-22303 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service. | |||||
| CVE-2021-21797 | 1 Gonitro | 1 Nitro Pro | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability. | |||||
| CVE-2021-1934 | 1 Qualcomm | 194 Apq8017, Apq8017 Firmware, Apq8053 and 191 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
| Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | |||||
| CVE-2021-1910 | 1 Qualcomm | 746 Apq8009, Apq8009 Firmware, Apq8009w and 743 more | 2024-11-21 | 10.0 HIGH | 7.3 HIGH |
| Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-1888 | 1 Qualcomm | 310 Apq8017, Apq8017 Firmware, Apq8037 and 307 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
| Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables | |||||