CVEbaza.plSłownik CWECWE-763
Common Weakness Enumeration

CWE-763

Release of Invalid Pointer or Reference

Kategoria: BaseCVE: 109
Opis

Produkt próbuje zwrócić zasób pamięci do systemu, ale wywołuje nieprawidłową funkcję zwalniającą lub niewłaściwie wywołuje odpowiednią funkcję zwalniającą. Może to prowadzić do błędów w zarządzaniu pamięcią i niestabilności aplikacji.

Description (EN)

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

Podatności CVE z CWE-763 (109)
9.8
CVSS
CRITICAL
CVE-2026-52993

Podatność w podsystemie TIPC jądra Linux powoduje double-free podczas przetwarzania pakietów sieciowych. Błąd krytyczny umożliwia zdalnemu atakującemu, bez uwierzytelnienia, wykonanie dowolnego kodu lub destabilizację systemu.

pub. 2026-06-24
9.8
CVSS
CRITICAL
CVE-2024-44852

W pakiecie navigation2 systemu Open Robotics ROS2 (wersja humble) wykryto podatność prowadzącą do naruszenia segmentacji (segmentation violation) w funkcji theta_star::ThetaStar::isUnsafeToPlan(). Podatność otrzymała ocenę CVSS 9.8 (CRITICAL), co wskazuje na możliwość poważnego wpływu na dostępność, integralność i poufność systemu.

pub. 2024-12-06
9.8
CVSS
CRITICAL
CVE-2021-42377

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.

pub. 2021-11-15
9.8
CVSS
CRITICAL
CVE-2021-30473

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.

pub. 2021-05-06
9.8
CVSS
CRITICAL
CVE-2021-24028

An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.

pub. 2021-04-14
9.8
CVSS
CRITICAL
CVE-2020-0103

In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-148107188

pub. 2020-05-14
9.8
CVSS
CRITICAL
CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same address. Serialization fidelity thereby becomes dependent upon memory layout. In short, serialized std::shared_ptr variables cannot always be expected to serialize back into their original values. This can have any number of consequences, depending on the context within which this manifests.

pub. 2020-03-30
9.8
CVSS
CRITICAL
CVE-2019-11930

An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.

pub. 2019-12-04
9.8
CVSS
CRITICAL
CVE-2018-6836

The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

pub. 2018-02-08
9.3
CVSS
CRITICAL
CVE-2025-14233

Podatność klasy invalid free (CWE-763) w module przetwarzania plików CPCA dotyczy drukarek biurowych i laserowych Canon z firmware w wersji v06.02 i wcześniejszych. Atakujący z dostępem do segmentu sieciowego może doprowadzić do braku odpowiedzi urządzenia lub wykonać dowolny kod (RCE).

pub. 2026-01-16
9.3
CVSS
HIGH
CVE-2007-4367

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."

pub. 2007-08-15
8.8
CVSS
HIGH
CVE-2025-25215

An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability.

pub. 2025-06-13
8.8
CVSS
HIGH
CVE-2024-6607

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.

pub. 2024-07-09
8.8
CVSS
HIGH
CVE-2022-42309

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.

pub. 2022-11-01
8.7
CVSS
HIGH
CVE-2025-13824

A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF019. To recover, clear the fault.

pub. 2025-12-15
8.7
CVSS
HIGH
CVE-2025-11838

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.

pub. 2025-12-04
8.5
CVSS
HIGH
CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

pub. 2021-08-05
8.4
CVSS
HIGH
CVE-2025-47749

V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

pub. 2025-05-19
8.4
CVSS
HIGH
CVE-2023-43532

Memory corruption while reading ACPI config through the user mode app.

pub. 2024-02-06
8.2
CVSS
HIGH
CVE-2022-26942

The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure supervisor level code execution can exploit the issue in order to gain secure supervisor code execution within the TEE. This constitutes a full break of the TEE module, exposing the device key as well as any TETRA cryptographic keys and the confidential TETRA cryptographic primitives.

pub. 2023-10-19
Pokazano 20 z 109 podatności
Informacje
ID: CWE-763
Typ: Base
Podatności: 109
MITRE CWE ↗
← Słownik CWE
CWE-763 — Zwolnienie Nieprawidłowego Wskaźnika lub Referencji | Słownik CWE | CVEbaza.pl