30 matches found
CVE-2024-47426 Substance3D - Painter | Double Free (CWE-415)
Substance3D - Painter versions 10.1.0 and earlier are affected by a Double Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-3187
This issue tracks two CWE-416 Use After Free UAF and one CWE-415 Double Free vulnerabilities in Goahead versions = 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the MEGOAHEADJAVASCRIPT flag is enabled, a remote attacker with the privileges t...
CVE-2024-3187
CVE-2024-3187 affects Embedthis GoAhead up to version 6.0.0. The issue stems from JST template parsing where JST values aren’t nulled when freed, causing two Use-After-Free (CWE-416) and one Double-Free (CWE-415) vulnerabilities. If the ME_GOAHEAD_JAVASCRIPT flag is enabled, a remote attacker who...
F5 Networks BIG-IP : libarchive vulnerabilities (K000140964)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000140964 advisory. CVE-2018-1000877libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...
CVE-2023-44247
A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests...
CVE-2023-44247
A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests...
CVE-2023-44247
Summary : CVE-2023-44247 is a double-free (CWE-415) vulnerability in Fortinet FortiOS 6.4 all versions, potentially allowing a privileged attacker to execute arbitrary code via crafted HTTP/HTTPS requests. Public documentation confirms affected product FortiOS 6.4 and the vulnerability’s nature a...
CVE-2023-44247
A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests...
GitHub Security Lab: ihsinme:CPP Add query for CWE-415 Double Free
This bug was reported directly to GitHub Security Lab...
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-1067)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: libarchive
Issue Overview: libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16.CVE-2017-14503 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...
EulerOS 2.0 SP3 : libarchive (EulerOS-SA-2019-1094)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerabili...
CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability
Summary An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated...
EulerOS 2.0 SP5 : libarchive (EulerOS-SA-2019-1067)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerabili...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
Double free
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...