Latest CVE Feed
-
5.5
MEDIUMCVE-2021-0110
Improper access control in some Intel(R) Thunderbolt(TM) Windows DCH Drivers before version 1.41.1054.0 may allow unauthenticated user to potentially enable denial of service via local access.... Read more
Affected Products : core_i3-10100y core_i3-10110u core_i3-10110y core_i3-1110g4 core_i3-1115g4 core_i3-1120g4 core_i3-1125g4 core_i5-10210u core_i5-10210y core_i5-10310u +20 more products- Published: Nov. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-0072
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable information disclosure via local access.... Read more
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2021-0076
Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial ... Read more
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2015-5158
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor... Read more
Affected Products : qemu- Published: Apr. 12, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-9944
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to read restricted memory.... Read more
- Published: Dec. 08, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-4316
The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impersona... Read more
Affected Products : telepresence_video_communication_server_software- Published: Aug. 20, 2015
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-9913
This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information.... Read more
- Published: Oct. 16, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9851
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system.... Read more
- Published: Jun. 09, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9649
Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.... Read more
Affected Products : media_encoder- Published: Jul. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-8562
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).... Read more
Affected Products : imagemagick- Published: Apr. 11, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-9595
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Successful exploitation could lead to information disclosure.... Read more
- Published: Jun. 25, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9479
When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0... Read more
Affected Products : asterixdb- Published: Mar. 01, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-8559
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.... Read more
- Published: Nov. 10, 2014
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-9453
In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has on... Read more
Affected Products : iprojection- Published: Feb. 05, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-35992
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_... Read more
Affected Products : linux_kernel- Published: May. 20, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-1496
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.... Read more
- Published: Mar. 19, 2014
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-9391
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move ... Read more
- Published: Feb. 25, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9243
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successf... Read more
- Published: Aug. 10, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2013-5890
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception R... Read more
Affected Products : e-business_suite- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2020-9235
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4... Read more
- Published: Sep. 03, 2020
- Modified: Nov. 21, 2024