Latest CVE Feed
-
5.5
MEDIUMCVE-2016-0685
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to File Processing.... Read more
Affected Products : peoplesoft_enterprise_peopletools- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-6242
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.... Read more
- Published: Mar. 07, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-1623
A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.... Read more
Affected Products : junos_os_evolved- Published: Apr. 08, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-14775
tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.... Read more
- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1878
Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions earlier than 10.0.1.160(C00E160R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operat... Read more
- Published: Mar. 20, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-0681
In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: An... Read more
Affected Products : android- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2011-2315
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security.... Read more
- Published: Oct. 18, 2011
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2021-43512
An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys.... Read more
Affected Products : flightradar24_flight_tracker- Published: Jun. 02, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-2731
Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Supported versions that are affected are 9.1 and 9.2. Easily exploitable vulnerability allows low privileged att... Read more
Affected Products : peoplesoft_enterprise_scm_eprocurement- Published: Jan. 18, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-44994
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.... Read more
Affected Products : jerryscript- Published: Jan. 25, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-25444
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.... Read more
- Published: Aug. 05, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2011-2676
The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.... Read more
- Published: Nov. 03, 2011
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2021-46331
Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype.... Read more
Affected Products : moddable_sdk- Published: Jan. 20, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-26320
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP... Read more
Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +104 more products- Published: Nov. 16, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-46505
Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5b1e5.... Read more
Affected Products : jsish- Published: Jan. 27, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-46791
Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential de... Read more
- Published: Jan. 11, 2023
- Modified: Apr. 09, 2025
-
5.5
MEDIUMCVE-2016-1789
Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.... Read more
Affected Products : ibooks_author- Published: Apr. 05, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2021-28100
Priam uses File.createTempFile, which gives the permissions on that file -rw-r--r--. An attacker with read access to the local filesystem can read anything written there by the Priam process.... Read more
Affected Products : priam- Published: Mar. 23, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-15730
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x80002067.... Read more
Affected Products : antimalware- Published: Jun. 21, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-22152
A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connect... Read more
- Published: May. 13, 2021
- Modified: Nov. 21, 2024