CWE-590: CWE-590
Yearly Trend
Top Affected Vendors
All CWE-590 CVEs (9)
CVE-2021-42377 is a critical vulnerability in BusyBox's hush shell applet where an attacker-controlled pointer free leads to denial of service and pot...
Nov 15, 2021This vulnerability in Valve's Game Networking Sockets library allows remote attackers to execute arbitrary code by sending specially crafted unreliabl...
Nov 18, 2020A use-after-free vulnerability in libsoup's soup_message_headers_get_content_disposition() function allows malicious HTTP clients to cause memory corr...
Apr 15, 2025This vulnerability in Windows Ancillary Function Driver for WinSock allows an authorized attacker to perform a use-after-free attack on non-heap memor...
Jan 13, 2026This CVE describes a double-free memory corruption vulnerability in Ubuntu's accountsservice. Attackers can exploit this via the SetLanguage D-Bus fun...
Nov 17, 2021CVE-2025-42994 is a denial-of-service vulnerability in SAP MDM Server's ReadString function where specially crafted packets can cause memory access vi...
Jun 10, 2025CVE-2023-25565 is a denial-of-service vulnerability in GSS-NTLMSSP, a GSSAPI plugin for NTLM authentication. An incorrect free operation when decoding...
Feb 14, 2023This CVE describes an invalid free vulnerability in Ichitaro 2022's Frame stream parser. Attackers can craft malicious documents that cause memory cor...
Apr 5, 2023SAP MDM Server has a session fixation vulnerability (CWE-590) that allows attackers to hijack existing client sessions without re-authentication. This...
Jun 10, 2025About CWE-590 (CWE-590)
Our database tracks 9 CVEs classified as CWE-590, with 3 rated critical and 5 rated high severity. The average CVSS score for CWE-590 vulnerabilities is 8.0.
External reference: View CWE-590 on MITRE CWE →
Monitor CWE-590 Vulnerabilities
Get alerted when new CWE-590 CVEs affect your infrastructure.
Start Monitoring Free