CWE-415 · Double Free
797 CVEs classified under CWE-415 (Double Free). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-0101 | Critical | 10.0 | 2018-01-29 | A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, rem… |
CVE-2020-37239 | Critical | 9.8 | 2026-05-16 | libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting i… |
CVE-2026-43011 | Critical | 9.8 | 2026-05-01 | In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it c… |
CVE-2026-31609 | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_… |
CVE-2026-31608 | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list… |
CVE-2026-33824 | Critical | 9.8 | 2026-04-14 | Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. |
CVE-2024-35368 | Critical | 9.8 | 2024-11-29 | FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. |
CVE-2024-11704 | Critical | 9.8 | 2024-11-26 | A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key c… |
CVE-2024-10934 | Critical | 9.8 | 2024-11-15 | In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninit… |
CVE-2024-27099 | Critical | 9.8 | 2024-02-27 | The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect `AMQP_VALUE` failed state, may cause a double free pr… |
CVE-2024-23809 | Critical | 9.8 | 2024-02-20 | A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A… |
CVE-2024-22097 | Critical | 9.8 | 2024-02-20 | A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Master Branch (ab0ee111) and 2.5.0. A specia… |
CVE-2023-49937 | Critical | 9.8 | 2023-12-14 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute a… |
CVE-2023-35784 | Critical | 9.8 | 2023-06-16 | A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x… |
CVE-2021-33304 | Critical | 9.8 | 2023-02-15 | Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attacke… |
CVE-2022-3806 | Critical | 9.8 | 2023-01-25 | Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. |
CVE-2022-44640 | Critical | 9.8 | 2022-12-25 | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC). |
CVE-2022-0699 | Critical | 9.8 | 2022-10-17 | A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have… |
CVE-2022-39002 | Critical | 9.8 | 2022-09-16 | Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice. |
CVE-2022-20127 | Critical | 9.8 | 2022-06-15 | In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional ex… |