diff --git a/docs/changes.txt b/docs/changes.txt
index fb006f9cc..142fd33e7 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -102,6 +102,7 @@
 - Fixed keys extraction in luks2hashcat - now extracts all active keys
 - Fixed maximum password length in module/test_module of hash-mode 2400
 - Fixed maximum password length in module/test_module of hash-mode 2410
+- Fixed memory leaks in tuning_db_init in tuningdb.c
 - Fixed minimum password length in module of hash-mode 28200
 - Fixed minimum password length in module of hash-mode 29800
 - Fixed out-of-boundary read when a fast hash defines a kernel_loops_min value higher than the amplifiers provided by the user
diff --git a/src/tuningdb.c b/src/tuningdb.c
index 1c5e6cb32..41d3795aa 100644
--- a/src/tuningdb.c
+++ b/src/tuningdb.c
@@ -72,6 +72,8 @@ int tuning_db_init (hashcat_ctx_t *hashcat_ctx)
 
   char **tuning_db_files = scan_directory (tuning_db_folder);
 
+  hcfree (tuning_db_folder);
+
   for (int i = 0; tuning_db_files[i] != NULL; i++)
   {
     char *tuning_db_file = tuning_db_files[i];
@@ -80,9 +82,19 @@ int tuning_db_init (hashcat_ctx_t *hashcat_ctx)
 
     const size_t dblen = strlen (tuning_db_file);
 
-    if (dblen < suflen) continue; // make sure to not do any out-of-boundary reads
+    if (dblen < suflen)
+    {
+      hcfree (tuning_db_file);
 
-    if (memcmp (tuning_db_file + dblen - suflen, TUNING_DB_SUFFIX, suflen) != 0) continue;
+      continue; // make sure to not do any out-of-boundary reads
+    }
+
+    if (memcmp (tuning_db_file + dblen - suflen, TUNING_DB_SUFFIX, suflen) != 0)
+    {
+      hcfree (tuning_db_file);
+
+      continue;
+    }
 
     HCFILE fp;
 
@@ -90,6 +102,8 @@ int tuning_db_init (hashcat_ctx_t *hashcat_ctx)
     {
       event_log_error (hashcat_ctx, "%s: %s", tuning_db_file, strerror (errno));
 
+      for (int j = 0; tuning_db_files[j] != NULL; j++) hcfree (tuning_db_files[j]);
+
       return -1;
     }