Latest CVE Feed
-
5.5
MEDIUMCVE-2020-25046
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The USB driver leaks address information via kernel logging. The Samsung IDs are SVE-2020-17602, SVE-2020-17603, SVE-2020-17604 (August 2020).... Read more
Affected Products : android- Published: Aug. 31, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24863
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size ... Read more
- Published: Sep. 03, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2011-5321
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact ... Read more
Affected Products : linux_kernel- Published: May. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-24824
A global buffer overflow issue in the dwarf::line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS).... Read more
Affected Products : libelfin- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24827
A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.... Read more
Affected Products : libelfin- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24829
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.... Read more
Affected Products : gpac- Published: Aug. 04, 2021
- Modified: Mar. 05, 2025
-
5.5
MEDIUMCVE-2020-24736
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.... Read more
Affected Products : sqlite3- Published: Apr. 11, 2023
- Modified: Feb. 11, 2025
-
5.5
MEDIUMCVE-2013-1053
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and pri... Read more
Affected Products : remote-login-service- Published: Jan. 13, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2013-1033
Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access.... Read more
- Published: Sep. 16, 2013
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer inte... Read more
Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension- Published: May. 23, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.... Read more
- Published: Aug. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-24565
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the abil... Read more
- Published: Sep. 29, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +4 more products- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24503
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24502
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.... Read more
Affected Products : linux_kernel- Published: Nov. 28, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-8696
The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.... Read more
- Published: Jan. 31, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24475
Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-8887
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).... Read more
- Published: Mar. 23, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24448
Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : graphics_drivers- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024