Total
782 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29627 | 1 Freebsd | 1 Freebsd | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free. | |||||
| CVE-2021-28041 | 4 Fedoraproject, Netapp, Openbsd and 1 more | 11 Fedora, Cloud Backup, Hci Compute Node and 8 more | 2026-06-17 | 4.6 MEDIUM | 7.1 HIGH |
| ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | |||||
| CVE-2021-28034 | 1 Stack Dst Project | 1 Stack Dst | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | |||||
| CVE-2021-28031 | 1 Scratchpad Project | 1 Scratchpad | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | |||||
| CVE-2021-28028 | 1 Toodee Project | 1 Toodee | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | |||||
| CVE-2021-27645 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Glibc | 2026-06-17 | 1.9 LOW | 2.5 LOW |
| The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. | |||||
| CVE-2021-27033 | 1 Autodesk | 1 Design Review | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2021-26954 | 1 Qwutils Project | 1 Qwutils | 2026-06-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop. | |||||
| CVE-2021-25908 | 1 Fil-ocl Project | 1 Fil-ocl | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From<EventList> can lead to a double free. | |||||
| CVE-2021-25907 | 1 Containers Project | 1 Containers | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed. | |||||
| CVE-2021-25477 | 2 Google, Mediatek | 4 Android, Mt6762, Mt6765 and 1 more | 2026-06-17 | 4.0 MEDIUM | 4.4 MEDIUM |
| An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service. | |||||
| CVE-2021-23158 | 1 Htmldoc Project | 1 Htmldoc | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service. | |||||
| CVE-2021-22945 | 8 Apple, Debian, Fedoraproject and 5 more | 25 Macos, Debian Linux, Fedora and 22 more | 2026-06-17 | 5.8 MEDIUM | 9.1 CRITICAL |
| When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. | |||||
| CVE-2021-22600 | 3 Debian, Linux, Netapp | 20 Debian Linux, Linux Kernel, 8300 and 17 more | 2026-06-17 | 7.2 HIGH | 6.6 MEDIUM |
| A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 | |||||
| CVE-2021-22425 | 1 Huawei | 1 Harmonyos | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges. | |||||
| CVE-2021-22386 | 1 Huawei | 2 Emui, Magic Ui | 2026-06-17 | 6.9 MEDIUM | 7.0 HIGH |
| A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges. | |||||
| CVE-2021-22332 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service. | |||||
| CVE-2021-22303 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2026-06-17 | 4.3 MEDIUM | 3.3 LOW |
| There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service. | |||||
| CVE-2021-21797 | 1 Gonitro | 1 Nitro Pro | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability. | |||||
| CVE-2021-1934 | 1 Qualcomm | 194 Apq8017, Apq8017 Firmware, Apq8053 and 191 more | 2026-06-17 | 7.2 HIGH | 8.4 HIGH |
| Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT | |||||