CVE-2018-11982

HIGH Year: 2018
CVSS v3 Score
8.8
High
CVSS v2 Score
8.3
High
Weakness Type
CWE-415
View all →

Vulnerability Description

In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure.

Related Vulnerabilities

CVE-2014-0502

HIGH
CVSS:8.8(High)

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on ...

CWE-4152014

CVE-2016-1516

HIGH
CVSS:8.8(High)

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

CWE-4152016

CVE-2017-14449

HIGH
CVSS:8.8(High)

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a spe...

CWE-4152017

CVE-2017-7393

HIGH
CVSS:8.8(High)

In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.

CWE-4152017

CVE-2017-9078

HIGH
CVSS:8.8(High)

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

CWE-4152017

CVE-2018-1000216

HIGH
CVSS:8.8(High)

Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker m...

CWE-4152018