Latest CVE Feed
-
5.5
MEDIUMCVE-2015-8924
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.... Read more
- Published: Sep. 20, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-0427
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe... Read more
- Published: Sep. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-0756
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially c... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Feb. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-3971
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Acce... Read more
Affected Products : antivirus- Published: Jul. 17, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-5489
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects... Read more
Affected Products : linux_kernel active_iq_performance_analytics_services element_software_management_node- Published: Jan. 07, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12867
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.... Read more
- Published: Jun. 01, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-7665
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not re... Read more
- Published: Feb. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-13867
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).... Read more
- Published: Jun. 05, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-7251
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of... Read more
Affected Products : endpoint_security- Published: Feb. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-14150
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug... Read more
Affected Products : bison- Published: Jun. 15, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-13263
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion.This issue affects Opigno group manager: from 0.0.0 before 3.1.1.... Read more
Affected Products : group_manager- Published: Jan. 09, 2025
- Modified: Aug. 27, 2025
- Vuln Type: Injection
-
5.5
MEDIUMCVE-2024-13248
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0.... Read more
Affected Products : private_content- Published: Jan. 09, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2016-0666
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security:... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2020-0676
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially c... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Feb. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-15321
When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for ... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_domain_name_system big-ip_fraud_protection_service big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +7 more products- Published: Oct. 31, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-19555
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.... Read more
Affected Products : xfig- Published: Dec. 04, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-47032
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix tx skb dma unmap The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping entries... Read more
Affected Products : linux_kernel- Published: Feb. 28, 2024
- Modified: Dec. 12, 2024
-
5.5
MEDIUMCVE-2020-1072
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: May. 21, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-47537
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix a memleak bug in rvu_mbox_init() In rvu_mbox_init(), mbox_regions is not freed or passed out under the switch-default region, which could lead to a memory leak. Fix t... Read more
Affected Products : linux_kernel- Published: May. 24, 2024
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-47612
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x000... Read more
Affected Products : linux_kernel- Published: Jun. 19, 2024
- Modified: Nov. 21, 2024