Latest CVE Feed
-
5.5
MEDIUMCVE-2016-10040
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.... Read more
Affected Products : qxmlsimplereader- EPSS Score: %1.53
- Published: Mar. 07, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2016-10071
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.... Read more
Affected Products : imagemagick- EPSS Score: %0.50
- Published: Mar. 02, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2022-28258
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more
- EPSS Score: %0.86
- Published: May. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-10029
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT... Read more
Affected Products : qemu- EPSS Score: %0.07
- Published: Feb. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2022-28255
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more
- EPSS Score: %0.93
- Published: May. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-14537
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Packaging Scripts). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Sola... Read more
- EPSS Score: %0.08
- Published: Jul. 15, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-38151
Windows Kernel Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 +10 more products- Published: Aug. 13, 2024
- Modified: Aug. 14, 2024
-
5.5
MEDIUMCVE-2020-1386
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.65
- Published: Jul. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12655
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: May. 05, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1224
<p>An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.</p> <p>To exploit the ... Read more
Affected Products : sharepoint_enterprise_server office sharepoint_server 365_apps office_web_apps excel office_online_server- EPSS Score: %21.88
- Published: Sep. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-28245
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more
- EPSS Score: %0.93
- Published: May. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11049
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.... Read more
- EPSS Score: %0.15
- Published: May. 07, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-38055
Microsoft Windows Codecs Library Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 +9 more products- Published: Jul. 09, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-10040
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with local access to the device might be able to retrieve some passwords in clear text.... Read more
Affected Products : sicam_mmu_firmware sicam_sgu_firmware sicam_t_firmware sicam_mmu sicam_sgu sicam_t- EPSS Score: %0.02
- Published: Jul. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-44131
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.... Read more
- Published: Sep. 17, 2024
- Modified: Mar. 25, 2025
-
5.5
MEDIUMCVE-2020-0941
<p>An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploi... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_1803 +5 more products- EPSS Score: %1.06
- Published: Sep. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-0914
<p>An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_1803 windows_10_1909 windows_server_1903 windows_server_1909 +1 more products- EPSS Score: %1.08
- Published: Sep. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-0882
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to read arbitrary files via a POST request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External E... Read more
Affected Products : documentum_xcp- EPSS Score: %0.48
- Published: Feb. 12, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2024-38017
Microsoft Message Queuing Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 +9 more products- Published: Jul. 09, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-0643
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulne... Read more
- EPSS Score: %0.98
- Published: Jan. 14, 2020
- Modified: Nov. 21, 2024