Vulnerabilities > Double Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-16 | CVE-2015-8962 | Double Free vulnerability in Linux Kernel Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call. | 7.3 |
| 2016-08-13 | CVE-2016-5384 | Double Free vulnerability in multiple products fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. | 7.8 |
| 2016-08-07 | CVE-2016-5772 | Double Free vulnerability in multiple products Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. | 9.8 |
| 2016-08-07 | CVE-2016-5768 | Double Free vulnerability in PHP Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception. | 9.8 |
| 2016-08-07 | CVE-2016-3132 | Double Free vulnerability in PHP Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index. | 9.8 |
| 2016-05-22 | CVE-2015-8880 | Double Free vulnerability in PHP 7.0.0 Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error. | 9.8 |
| 2014-02-21 | CVE-2014-0502 | Double Free vulnerability in multiple products Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. | 8.8 |
| 2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
| 2005-07-18 | CVE-2005-1689 | Double Free vulnerability in multiple products Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | 9.8 |
| 2005-05-02 | CVE-2005-0891 | Double Free vulnerability in Gnome GTK Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. | 7.5 |