Latest CVE Feed
-
5.5
MEDIUMCVE-2024-35992
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_... Read more
Affected Products : linux_kernel- Published: May. 20, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-1496
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.... Read more
- Published: Mar. 19, 2014
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-9391
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move ... Read more
- Published: Feb. 25, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9243
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successf... Read more
- Published: Aug. 10, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2013-5890
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception R... Read more
Affected Products : e-business_suite- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2020-9235
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4... Read more
- Published: Sep. 03, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9093
There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by runnin... Read more
- Published: Dec. 29, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-9091
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise no... Read more
- Published: Oct. 12, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8992
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.... Read more
Affected Products : linux_kernel ubuntu_linux leap active_iq_unified_manager h410c_firmware cloud_backup hci_management_node solidfire steelstore_cloud_integrated_storage data_availability_services +1 more products- Published: Feb. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8936
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an add... Read more
Affected Products : asylo- Published: Dec. 15, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-6591
Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter.... Read more
Affected Products : articlefr- Published: Jan. 15, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8832
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the ker... Read more
- Published: Apr. 10, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- Published: Nov. 12, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : fedora debian_linux clustered_data_ontap hci_storage_node xeon_e-2124 xeon_e-2124g xeon_e-2126g xeon_e-2134 xeon_e-2136 xeon_e-2144g +492 more products- Published: Nov. 12, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-8682
Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : graphics_drivers- Published: Aug. 13, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-0038
Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.... Read more
Affected Products : linux_kernel- Published: May. 17, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2020-8632
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.... Read more
- Published: Feb. 05, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-6470
Resource Data Management Data Manager before 2.2 allows remote authenticated users to modify arbitrary passwords via unspecified vectors.... Read more
Affected Products : data_manager- Published: Sep. 26, 2015
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2024-35975
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which a... Read more
Affected Products : linux_kernel- Published: May. 20, 2024
- Modified: Jan. 14, 2025
-
5.5
MEDIUMCVE-2015-6461
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC we... Read more
Affected Products : bmxnoe0100_firmware bmxnoe0110_firmware bmxnor0200h_firmware bmxnoc0401_firmware bmxnoe0110h_firmware modicon_m340_bmxp342020_firmware modicon_m340_bmxp342030_firmware modicon_m340_bmxp342020h_firmware modicon_m340_bmxp3420302_firmware modicon_m340_bmxp3420302h_firmware +12 more products- Published: Mar. 21, 2019
- Modified: Nov. 21, 2024