Latest CVE Feed
-
5.5
MEDIUMCVE-2020-15569
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.... Read more
- Published: Jul. 06, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21156
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : trace_analyzer_and_collector- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2024-53006
Substance3D - Modeler versions 1.14.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of... Read more
Affected Products : substance_3d_modeler- Published: Dec. 10, 2024
- Modified: Dec. 13, 2024
-
5.5
MEDIUMCVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21127
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21152
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : edge_insights_for_industrial- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21131
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : xeon_platinum_8253_firmware xeon_platinum_8256_firmware xeon_platinum_8260_firmware xeon_platinum_8276_firmware xeon_platinum_8276l_firmware xeon_platinum_8280l_firmware xeon_platinum_8260l_firmware xeon_platinum_8280_firmware xeon_platinum_8260y_firmware xeon_platinum_8268_firmware +282 more products- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21168
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.... Read more
- Published: Apr. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21147
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicio... Read more
Affected Products : alyac- Published: May. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21133
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : trace_analyzer_and_collector- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-20953
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more
- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-1860
Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or... Read more
- Published: Jul. 10, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2022-20725
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more
Affected Products : ios_xe ios 861_integrated_services_router 867_integrated_services_router 880_3g_integrated_services_router 881_integrated_services_router 886_integrated_services_router 886va-w_integrated_services_router 886va_integrated_services_router 887_integrated_services_router +58 more products- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-20717
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient... Read more
- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-20626
A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid c... Read more
Affected Products : prime_access_registrar- Published: Nov. 15, 2024
- Modified: Aug. 07, 2025
-
5.5
MEDIUMCVE-2022-20575
In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc... Read more
Affected Products : android- Published: Dec. 16, 2022
- Modified: Apr. 18, 2025
-
5.5
MEDIUMCVE-2022-20538
In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution ... Read more
Affected Products : android- Published: Dec. 16, 2022
- Modified: Apr. 18, 2025
-
5.5
MEDIUMCVE-2022-20517
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex... Read more
Affected Products : android- Published: Dec. 16, 2022
- Modified: Apr. 18, 2025