Latest CVE Feed
-
5.5
MEDIUMCVE-2020-25266
AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it.... Read more
Affected Products : appimaged- Published: Dec. 02, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-25203
The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications. By calling the intent with the action set to android.intent.action.VIEW, any other application is able to load any website/web content into t... Read more
Affected Products : framer_preview- Published: Sep. 25, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-25047
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. The S Secure application does not enforce the intended password requirement for a locked application. The Samsung IDs are SVE-2020-16746, SVE... Read more
Affected Products : android- Published: Aug. 31, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-25046
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The USB driver leaks address information via kernel logging. The Samsung IDs are SVE-2020-17602, SVE-2020-17603, SVE-2020-17604 (August 2020).... Read more
Affected Products : android- Published: Aug. 31, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24863
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size ... Read more
- Published: Sep. 03, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2011-5321
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact ... Read more
Affected Products : linux_kernel- Published: May. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-24824
A global buffer overflow issue in the dwarf::line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS).... Read more
Affected Products : libelfin- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24827
A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.... Read more
Affected Products : libelfin- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24829
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.... Read more
Affected Products : gpac- Published: Aug. 04, 2021
- Modified: Mar. 05, 2025
-
5.5
MEDIUMCVE-2020-24736
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.... Read more
Affected Products : sqlite3- Published: Apr. 11, 2023
- Modified: Feb. 11, 2025
-
5.5
MEDIUMCVE-2013-1053
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and pri... Read more
Affected Products : remote-login-service- Published: Jan. 13, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2013-1033
Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access.... Read more
- Published: Sep. 16, 2013
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer inte... Read more
Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension- Published: May. 23, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.... Read more
- Published: Aug. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-24565
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the abil... Read more
- Published: Sep. 29, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +4 more products- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24503
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24502
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.... Read more
Affected Products : linux_kernel- Published: Nov. 28, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-8696
The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.... Read more
- Published: Jan. 31, 2017
- Modified: Apr. 20, 2025