Latest CVE Feed
-
5.5
MEDIUMCVE-2020-10768
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the sys... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: Sep. 16, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-3107
An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.... Read more
Affected Products : linux_kernel- EPSS Score: %0.02
- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
5.5
MEDIUMCVE-2021-33782
Windows Authenticode Spoofing Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products- EPSS Score: %1.23
- Published: Jul. 14, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-31030
containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can caus... Read more
- EPSS Score: %0.11
- Published: Jun. 09, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-38449
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigati... Read more
- EPSS Score: %0.07
- Published: Oct. 14, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-32276
An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.... Read more
- EPSS Score: %0.10
- Published: Sep. 20, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27114
There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expecte... Read more
- EPSS Score: %0.10
- Published: May. 09, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27146
GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.... Read more
Affected Products : gpac- EPSS Score: %0.10
- Published: Apr. 08, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-46823
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name... Read more
Affected Products : linux_kernel- Published: Sep. 27, 2024
- Modified: Apr. 10, 2025
-
5.5
MEDIUMCVE-2010-0207
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.... Read more
- EPSS Score: %0.44
- Published: Oct. 30, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2023-21599
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitat... Read more
- EPSS Score: %0.03
- Published: Jan. 13, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-45948
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).... Read more
Affected Products : assimp- EPSS Score: %0.11
- Published: Jan. 01, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-8627
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects ... Read more
Affected Products : office excel_viewer office_365_proplus sharepoint_server excel office_compatibility_pack- EPSS Score: %19.88
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9885
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group ... Read more
- EPSS Score: %0.11
- Published: Oct. 16, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-30197
Windows Kernel Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +2 more products- EPSS Score: %0.95
- Published: Aug. 09, 2022
- Modified: Jun. 24, 2025
-
5.5
MEDIUMCVE-2024-21408
Windows Hyper-V Denial of Service Vulnerability... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows_10_1507 +4 more products- Published: Mar. 12, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21425
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- EPSS Score: %0.14
- Published: Apr. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-0748
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially c... Read more
- EPSS Score: %0.54
- Published: Feb. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-28900
Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 +6 more products- Published: Apr. 09, 2024
- Modified: Jan. 08, 2025
-
5.5
MEDIUMCVE-2022-28388
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.... Read more
Affected Products : linux_kernel fedora debian_linux h410c_firmware h300s_firmware h500s_firmware h700s_firmware h410s_firmware h300s h410s +9 more products- EPSS Score: %0.01
- Published: Apr. 03, 2022
- Modified: May. 05, 2025