An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.
CWE-415
CVE-2021-42778
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
CVE-2021-42613
A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.
CVE-2021-42533
Adobe Bridge version 11.1.1 (and earlier) is affected by a double free vulnerability when parsing a crafted DCM file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.
CVE-2021-41688
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.
CVE-2021-40873
An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a client or server. The server process may crash unexpectedly because of a double free, and must be restarted.