A person sends a payment to a merchant, then soon after sends another payment using the same coins to themselves.
If this is done properly - or with features such as Replace By Fee (RBF) - then different groups of miners will use those coins in different ways, making the competing transaction invalid. Once 1 or 2 confirmations happen though, the merchant can be confident their payment will not be double spent.
A person sends a payment to a merchant or exchange, then colludes with a large miner to spend those coins to a different address.
If the attackers have a majority of hash, then they are able to double spend as many coins as they want, and eventually publish their malicious transactions which double spend all the coins back to themselves. This type of double spend attack takes a lot of resources, and is only a concern when transactions deal with large volumes of low hash-rate coins. This is also a reason why exchanges require significantly more confirmations than is needed for everyday, relatively low value, transactions.