Latest CVE Feed
-
5.5
MEDIUMCVE-2022-21265
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21180
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21230
This affects all versions of package org.nanohttpd:nanohttpd. Whenever an HTTP Session is parsing the body of an HTTP request, the body of the request is written to a RandomAccessFile when the it is larger than 1024 bytes. This file is created with insecu... Read more
Affected Products : nanohttpd- Published: May. 01, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21157
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : smart_campus- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2020-15569
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.... Read more
- Published: Jul. 06, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21156
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : trace_analyzer_and_collector- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2024-53006
Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of... Read more
Affected Products : substance_3d_modeler- Published: Dec. 10, 2024
- Modified: Dec. 13, 2024
-
5.5
MEDIUMCVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21127
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21152
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : edge_insights_for_industrial- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21131
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : xeon_platinum_8253_firmware xeon_platinum_8256_firmware xeon_platinum_8260_firmware xeon_platinum_8276_firmware xeon_platinum_8276l_firmware xeon_platinum_8280l_firmware xeon_platinum_8260l_firmware xeon_platinum_8280_firmware xeon_platinum_8260y_firmware xeon_platinum_8268_firmware +282 more products- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21168
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.... Read more
- Published: Apr. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21147
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicio... Read more
Affected Products : alyac- Published: May. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21133
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : trace_analyzer_and_collector- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-20953
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more
- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-1860
Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or... Read more
- Published: Jul. 10, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2022-20725
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more
Affected Products : ios_xe ios 861_integrated_services_router 867_integrated_services_router 880_3g_integrated_services_router 881_integrated_services_router 886_integrated_services_router 886va-w_integrated_services_router 886va_integrated_services_router 887_integrated_services_router +58 more products- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-20717
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient... Read more
- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024