Latest CVE Feed
-
5.5
MEDIUMCVE-2015-8932
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.... Read more
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8934
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.... Read more
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8944
The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by re... Read more
- Published: Aug. 06, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2024-1062
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.... Read more
Affected Products : enterprise_linux fedora enterprise_linux_server_aus enterprise_linux_server_tus enterprise_linux_eus 389_directory_server enterprise_linux_for_ibm_z_systems_eus enterprise_linux_for_power_little_endian_eus enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions directory_server +3 more products- Published: Feb. 12, 2024
- Modified: Feb. 18, 2025
-
5.5
MEDIUMCVE-2020-16304
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.... Read more
- Published: Aug. 13, 2020
- Modified: Mar. 14, 2025
-
5.5
MEDIUMCVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating sys... Read more
- Published: Dec. 07, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2010-5328
include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this proce... Read more
Affected Products : linux_kernel- Published: Feb. 06, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2011-2906
Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioct... Read more
Affected Products : linux_kernel- Published: May. 24, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2017-2626
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.... Read more
- Published: Jul. 27, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-20170
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c.... Read more
- Published: Dec. 31, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2016-0665
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2018-18458
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.... Read more
Affected Products : xpdf- Published: Oct. 18, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2011-2684
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary file... Read more
Affected Products : foo2zjs- Published: Oct. 23, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2020-17113
Windows Camera Codec Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 windows_10_1803 windows_10_1909- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17102
WebP Image Extensions Information Disclosure Vulnerability... Read more
Affected Products : webp_image_extension- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17046
Windows Error Reporting Denial of Service Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 windows_10_1803 windows_10_1909 windows_server_20h2 +3 more products- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17013
Win32k Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_1803 windows_10_1909 windows_server_20h2 windows_server_1903 windows_server_1909 +1 more products- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17000
Remote Desktop Protocol Client Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +6 more products- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +11 more products- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024