CWE-415: CWE-415
Yearly Trend
Top Affected Vendors
All CWE-415 CVEs (240)
CVE-2024-35368 is a double-free vulnerability in FFmpeg's rkmppdec.c component that allows memory corruption when processing certain media files. Atta...
Nov 29, 2024A double-free vulnerability in Firefox and Thunderbird's PKCS7 decryption function could allow memory corruption when processing malformed encrypted d...
Nov 26, 2024This CVE describes a double free vulnerability in the NFS client and server implementation in OpenBSD, which could allow attackers to execute arbitrar...
Nov 15, 2024CVE-2024-27099 is a double-free vulnerability in the uAMQP C library used for AMQP 1.0 communication with Azure Cloud Services. When processing a malf...
Feb 27, 2024A double-free vulnerability in libbiosig's BrainVision header parsing allows arbitrary code execution when processing malicious .vdhr files. This affe...
Feb 20, 2024This CVE describes a double-free vulnerability in SchedMD Slurm workload manager that allows attackers to cause denial of service or potentially execu...
Dec 14, 2023This vulnerability in OpenBSD and LibreSSL allows memory corruption through double-free or use-after-free conditions in SSL_clear function. Attackers ...
Jun 16, 2023A double free vulnerability in picoTCP's fragment reassembly function allows attackers to execute arbitrary code by triggering memory corruption. This...
Feb 15, 2023This vulnerability allows remote attackers to execute arbitrary code on affected Android devices without user interaction. The flaw exists in the NFC ...
Jun 15, 2022CVE-2021-37120 is a double-free vulnerability in Huawei smartphones that allows attackers to cause kernel crashes or potentially escalate privileges. ...
Jan 3, 2022This vulnerability in the sys-info Rust crate before version 0.8.0 allows attackers to trigger a double free condition when calling sys_info::disk_inf...
Aug 8, 2021CVE-2021-36088 is a double-free vulnerability in Fluent Bit's JSON parser that can lead to memory corruption and potential remote code execution. This...
Jul 1, 2021CVE-2021-34184 is a double-free vulnerability in Miniaudio's ma_default_vfs_close__stdio function that can lead to buffer overflow and potential remot...
Jun 25, 2021CVE-2021-31162 is a double-free vulnerability in Rust's standard library Vec::from_iter function that occurs when freeing an element panics, potential...
Apr 14, 2021A double-free vulnerability in Rust's VecDeque::make_contiguous function allows attackers to cause use-after-free or double-free conditions, potential...
Apr 11, 2021This vulnerability in the id-map Rust crate allows double-free memory corruption when a user-provided function panics during get_or_insert operations....
Apr 7, 2021This vulnerability in the Rust 'through' crate allows double-free memory corruption when the map function panics. Attackers could exploit this to exec...
Apr 1, 2021This vulnerability in the Rust scratchpad crate allows double-free memory corruption when a user-provided function panics during move_elements operati...
Mar 5, 2021This vulnerability in the Rust containers crate allows double-free memory corruption when a panic occurs during certain operations. Attackers can expl...
Jan 26, 2021This vulnerability in the alpm-rs Rust crate allows double-free memory corruption due to improper deallocation in StrcCtx. Attackers can exploit this ...
Dec 31, 2020This vulnerability in the Rust bitvec crate allows memory corruption through use-after-free or double-free errors when converting BitVec to BitBox. An...
Dec 31, 2020This vulnerability in the Rust http crate before version 0.1.20 involves improper use of raw pointers in the HeaderMap::Drain API, which can lead to m...
Dec 31, 2020A double-free vulnerability in PowerDNS Authoritative when GSS-TSIG is enabled allows remote unauthenticated attackers to crash the service or potenti...
Oct 2, 2020CVE-2020-24978 is a double-free vulnerability in NASM (Netwide Assembler) that could allow attackers to execute arbitrary code or cause denial of serv...
Sep 4, 2020CVE-2022-33231 is a double-free memory corruption vulnerability in Qualcomm chipsets that occurs during encryption key initialization. Successful expl...
Apr 13, 2023A double free vulnerability in Samsung Exynos mobile processors allows local attackers to escalate privileges by exploiting memory corruption. This af...
Jun 3, 2025This vulnerability in Windows Telephony Server allows remote attackers to execute arbitrary code on affected systems by sending specially crafted netw...
Feb 11, 2025This vulnerability in Windows DirectShow allows remote attackers to execute arbitrary code on affected systems by tricking users into opening speciall...
Jan 14, 2025CVE-2024-35365 is a double-free vulnerability in FFmpeg's audio stream initialization function that could allow attackers to execute arbitrary code or...
Jan 3, 2025This vulnerability in SQL Server Native Client allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requ...
Nov 12, 2024This vulnerability in SQL Server Native Client OLE DB Provider allows remote attackers to execute arbitrary code on affected systems by sending specia...
Jul 9, 2024CVE-2024-30013 is a double-free vulnerability (CWE-415) in Windows MultiPoint Services that allows remote attackers to execute arbitrary code on affec...
Jul 9, 2024This vulnerability in Microsoft Speech API (SAPI) allows remote attackers to execute arbitrary code on affected systems by sending specially crafted r...
Jun 11, 2024A double-allocation vulnerability in the Linux kernel's SWIOTLB subsystem allows memory corruption when handling DMA allocations with specific alignme...
May 17, 2024CVE-2023-39975 is a double-free vulnerability in MIT Kerberos 5's Key Distribution Center (KDC) that allows authenticated users to potentially execute...
Aug 16, 2023CVE-2022-27864 is a double free vulnerability in Autodesk Design Review that allows remote attackers to execute arbitrary code when users open malicio...
Jul 29, 2022This vulnerability allows a remote attacker to trigger a double-free memory corruption in Chrome's WebGL component by tricking users into visiting a m...
Jul 28, 2022CVE-2021-39528 is a double-free vulnerability in LibreDWG's dwg_free_MATERIAL_private() function that can lead to memory corruption and potential remo...
Sep 20, 2021CVE-2021-36080 is a double-free vulnerability in GNU LibreDWG's bit_chain_free function that can lead to memory corruption and potential remote code e...
Jul 1, 2021This vulnerability is a double-free memory corruption flaw in Chrome's ICU library that allows remote attackers to potentially execute arbitrary code ...
Jun 7, 2021A remote code execution vulnerability in Windows font library allows attackers to execute arbitrary code by tricking users into viewing malicious webs...
Aug 14, 2019A double-free vulnerability in Weston Embedded uC-TCP-IP v3.06.01's IP header loopback parsing allows memory corruption via specially crafted network ...
Feb 20, 2024Picotls TLS library contains a double-free vulnerability when parsing malicious TLS handshake messages, which could lead to process crashes or potenti...
Oct 11, 2024This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco Meraki MX and Z Series VPN gateways by sending crafted ...
Oct 2, 2024This vulnerability allows unauthenticated remote attackers to crash Cisco Catalyst 9000 wireless controllers by sending malformed CAPWAP packets, caus...
Sep 23, 2021This vulnerability allows unauthenticated remote attackers to crash Cisco Catalyst 9000 wireless controllers by sending malformed CAPWAP protocol pack...
Sep 23, 2021CVE-2022-33307 is a double-free memory corruption vulnerability in Qualcomm automotive components that allows attackers to execute arbitrary code or c...
Jun 6, 2023A double free vulnerability in Qualcomm Snapdragon chipsets allows attackers to potentially execute arbitrary code or cause denial of service when dev...
Apr 7, 2021A double free vulnerability in QEMU's virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto) allows malicious privileged guest users to crash t...
Apr 9, 2024This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable versions of the Secure Socket Tunneling Pro...
May 9, 2023About CWE-415 (CWE-415)
Our database tracks 240 CVEs classified as CWE-415, with 25 rated critical and 191 rated high severity. The average CVSS score for CWE-415 vulnerabilities is 7.8.
External reference: View CWE-415 on MITRE CWE →
Monitor CWE-415 Vulnerabilities
Get alerted when new CWE-415 CVEs affect your infrastructure.
Start Monitoring Free