Astra Linux – Vulnerability in opensc

A heap double-free issue was detected in Opensc before version 0.22.0 in scpkcs15freetokeninfo...

CVE-2026-12043 Heap double-free in AWS Common Runtime aws-c-http

Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...

CVE-2026-12043

CVE-2026-12043 affects the AWS Common Runtime aws-c-http library due to improper handling of HPACK dynamic table size updates, which can cause memory corruption on a connecting client via a crafted sequence of HTTP/2 HEADERS frames. The vulnerability could lead to arbitrary code execution on vuln...

OSV-2026-785 Heap-double-free in _dwarf_load_elf_symtab_symbols

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=514753154 Crash type: Heap-double-free Crash state: dwarfloadelfsymtabsymbols dwarfelfnlsetup dwarfinitpathdla...

OSV-2026-744 Heap-double-free in _dwarf_destruct_elf_nlaccess

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513032442 Crash type: Heap-double-free Crash state: dwarfdestructelfnlaccess dwarfelfnlsetup dwarfinitpathdla...

OSV-2026-589 Heap-double-free in coap_new_oscore_conf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=503812134 Crash type: Heap-double-free Crash state: coapnewoscoreconf oscoreconfparsetarget.c coapnewoscoreconf...

OSV-2026-29 Heap-double-free in local_parse_glob

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=474561494 Crash type: Heap-double-free Crash state: localparseglob sshbindconfigparseline sshbindconfigparsestring...

Unity Linux 20.1070e Security Update: opensc (UTSA-2025-680623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680623 advisory. A heap double free issue was found in Opensc before version 0.22.0 in scpkcs15freetokeninfo. Tenable has extracted the preceding description block directly from the...

EUVD-2021-29734

Malicious code in bioql PyPI...

OSV-2025-538 Heap-double-free in policydb_destroy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=430091583 Crash type: Heap-double-free Crash state: policydbdestroy checkpolicy-fuzzer.c definegenfscontext...

Linux Distros Unpatched Vulnerability : CVE-2021-42778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap double free issue was found in Opensc before version 0.22.0 in scpkcs15freetokeninfo. CVE-2021-42778 Note that Nessus relies on the presence of the packa...

OSV-2025-50 Heap-double-free in r_crbtree_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390503425 Crash type: Heap-double-free Crash state: rcrbtreefree rbinobjectfree rbinfilefree...

PT-2025-19369 · Git +1 · Radare2

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a heap-double-free issue. The crash state involves r crbtree free, r bin object free, and r bin file free. Recommendations: At the momen...

OSV-2024-985 Heap-double-free in libssh2_default_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69362 Crash type: Heap-double-free Crash state: libssh2defaultfree sessionfree libssh2sessionfree...

OSV-2024-859 Heap-double-free in libssh2_default_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69726 Crash type: Heap-double-free Crash state: libssh2defaultfree diffiehellmanshaalgo kexmethoddiffiehellmangroup14keyexchange...

PT-2024-40891 · Libssh2 · Libssh2

Name of the Vulnerable Software and Affected Versions: libssh2 affected versions not specified Description: The issue is related to a heap-double-free crash. Technical details about the crash include the involvement of the libssh2 default free function, session free, and libssh2 session free...

RHEL 8 : opensc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - opensc: Stack buffer overflow issues in various places CVE-2021-42782 - A heap double free issue was foun...

OSV-2024-79 Heap-double-free in supported_features

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66398 Crash type: Heap-double-free Crash state: supportedfeatures handleatcommand handleatcommandfortest...

OSV-2024-42 Heap-double-free in dwg_free_common_entity_data

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66111 Crash type: Heap-double-free Crash state: dwgfreecommonentitydata dwgfreePLANESURFACE dwgfreevariablenoclass...

PT-2024-40759 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-double-free crash. Technical details include the crash state with functions such as dwg free common entity data, dwg free...