Latest CVE Feed
-
5.5
MEDIUMCVE-2013-1033
Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access.... Read more
- Published: Sep. 16, 2013
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer inte... Read more
Affected Products : linux_kernel ubuntu_linux suse_linux_enterprise_desktop suse_linux_enterprise_server suse_linux_enterprise_software_development_kit suse_linux_enterprise_real_time_extension suse_linux_enterprise_debuginfo suse_linux_enterprise_live_patching suse_linux_enterprise_module_for_public_cloud suse_linux_enterprise_workstation_extension- Published: May. 23, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.... Read more
- Published: Aug. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-24565
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the abil... Read more
- Published: Sep. 29, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +4 more products- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24503
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24502
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.... Read more
Affected Products : ethernet_network_adapter_e810_firmware ethernet_network_adapter_e810-cqda1 ethernet_network_adapter_e810-cqda1_for_ocp ethernet_network_adapter_e810-cqda1_for_ocp_3.0 ethernet_network_adapter_e810-cqda2 ethernet_network_adapter_e810-cqda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda2 ethernet_network_adapter_e810-xxvda2_for_ocp ethernet_network_adapter_e810-xxvda2_for_ocp_3.0 ethernet_network_adapter_e810-xxvda4- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-8645
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.... Read more
Affected Products : linux_kernel- Published: Nov. 28, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-8696
The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.... Read more
- Published: Jan. 31, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24475
Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-8887
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).... Read more
- Published: Mar. 23, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24448
Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : graphics_drivers- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24452
Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access.... Read more
Affected Products : sgx_platform- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-9265
The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.... Read more
Affected Products : libming- Published: Mar. 23, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2016-9591
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.... Read more
- Published: Mar. 09, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-4178
The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_... Read more
Affected Products : linux_kernel- Published: May. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-9922
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving ... Read more
Affected Products : qemu- Published: Mar. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-11728
A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file.... Read more
Affected Products : ming- Published: Jul. 29, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-24187
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).... Read more
Affected Products : jerryscript- Published: Aug. 11, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-8728
The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem... Read more
Affected Products : wireshark- Published: Jan. 04, 2016
- Modified: Apr. 12, 2025