Total
716 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6072 | 2 Debian, Videolabs | 2 Debian Linux, Libmicrodns | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rr_decode function's return value is not checked, leading to a double free that could be exploited to execute arbitrary code. An attacker can send an mDNS message to trigger this vulnerability.
|
|||||
| CVE-2020-5988 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-3685 | 1 Qualcomm | 506 Apq8009, Apq8009w, Apq8017 and 503 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2020-3613 | 1 Qualcomm | 2 Sm8150, Sm8150 Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150
|
|||||
| CVE-2020-3610 | 1 Qualcomm | 74 Apq8009, Apq8009 Firmware, Apq8053 and 71 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, QM215, Rennell, SA415M, Saipa ...
Show More |
|||||
| CVE-2020-3179 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A succe ...
Show More |
|||||
| CVE-2020-36434 | 1 Sys-info Project | 1 Sys-info | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free.
|
|||||
| CVE-2020-36401 | 2 Linux, Mruby | 2 Linux Kernel, Mruby | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
|
|||||
| CVE-2020-36318 | 1 Rust-lang | 1 Rust | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
|
|||||
| CVE-2020-36225 | 3 Apple, Debian, Openldap | 3 Macos, Debian Linux, Openldap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
|
|||||
| CVE-2020-36223 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
|
|||||
| CVE-2020-36205 | 1 Xcb Project | 1 Xcb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.
|
|||||
| CVE-2020-35891 | 1 Ordnung Project | 1 Ordnung | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.
|
|||||
| CVE-2020-35885 | 1 Alpm-rs Project | 1 Alpm-rs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.
|
|||||
| CVE-2020-35862 | 1 Bitvec Project | 1 Bitvec | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
|
|||||
| CVE-2020-27794 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 9.1 CRITICAL |
|
A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.
|
|||||
| CVE-2020-27153 | 3 Bluez, Debian, Opensuse | 3 Bluez, Debian Linux, Leap | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
|
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
|
|||||
| CVE-2020-25773 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.
|
|||||
| CVE-2020-25637 | 2 Opensuse, Redhat | 2 Leap, Libvirt | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerabili ...
Show More |
|||||
| CVE-2020-24978 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7.
|
|||||
| CVE-2020-24698 | 1 Powerdns | 1 Authoritative | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
|
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.
|
|||||
| CVE-2020-1862 | 1 Huawei | 2 Campusinsight, Manageone | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050.
|
|||||
| CVE-2020-1829 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service.
|
|||||
| CVE-2020-1686 | 1 Juniper | 1 Junos | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this issue. IPv4 packets cannot trigger this issue. This issue affects Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S4, 18.4R3-S1; 19.1 versio ...
Show More |
|||||
| CVE-2020-1647 | 1 Juniper | 1 Junos | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
|
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may result in an extended Denial of Service (DoS). The offending HTTP message that causes this issue may originate both from the HTTP server or the client. This issue affects Juniper Networks Junos OS ...
Show More |
|||||
| CVE-2020-17498 | 4 Fedoraproject, Opensuse, Oracle and 1 more | 4 Fedora, Leap, Zfs Storage Appliance Kit and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
|
|||||
| CVE-2020-17019 | 1 Microsoft | 1 Office | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2020-16970 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 7.2 HIGH | 8.1 HIGH |
|
Azure Sphere Unsigned Code Execution Vulnerability
|
|||||
| CVE-2020-16590 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
|
|||||
| CVE-2020-16217 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.
|
|||||
| CVE-2020-15710 | 2 Canonical, Pulseaudio Project | 2 Ubuntu Linux, Pulseaudio | 2024-11-21 | 3.6 LOW | 5.3 MEDIUM |
|
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in 1:8.0-0ubuntu3.14.
|
|||||
| CVE-2020-14354 | 2 C-ares, Fedoraproject | 2 C-ares, Fedora | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.
|
|||||
| CVE-2020-14123 | 1 Mi | 1 Miui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges.
|
|||||
| CVE-2020-11900 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
|
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
|
|||||
| CVE-2020-11246 | 1 Qualcomm | 634 Apq8017, Apq8017 Firmware, Apq8037 and 631 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2020-11231 | 1 Qualcomm | 430 Apq8017, Apq8017 Firmware, Apq8053 and 427 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2020-11217 | 1 Qualcomm | 193 Pm3003a, Pm4125, Pm6125 and 190 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
|
|||||
| CVE-2020-11044 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 3.5 LOW | 2.2 LOW |
|
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
|
|||||
| CVE-2020-11017 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
|
|||||
| CVE-2020-0392 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608
|
|||||