Latest CVE Feed
-
5.5
MEDIUMCVE-2020-26164
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.... Read more
- EPSS Score: %0.08
- Published: Oct. 07, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-24890
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way... Read more
Affected Products : libraw- EPSS Score: %0.43
- Published: Sep. 16, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-19609
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.... Read more
- EPSS Score: %0.45
- Published: Jul. 21, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17036
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +11 more products- EPSS Score: %0.32
- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17030
Windows MSCTF Server Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1809 windows_10_20h2 windows_10_1803 windows_10_1909 windows_server_20h2 windows_server_1903 windows_server_1909 +1 more products- EPSS Score: %0.45
- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more products- EPSS Score: %0.45
- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-16919
<p>An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.</p> <p>An attacker with ... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_1507 windows_10_1803 windows_10_1909 windows_server_1903 windows_server_1909 +1 more products- EPSS Score: %0.46
- Published: Oct. 16, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-37386
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more
- EPSS Score: %0.86
- Published: Mar. 29, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-16879
<p>An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system</p> <p>T... Read more
- EPSS Score: %1.04
- Published: Sep. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-16269
radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.... Read more
- EPSS Score: %0.34
- Published: Aug. 03, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1599
Windows Spoofing Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +11 more products- EPSS Score: %5.73
- Published: Nov. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-15989
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.... Read more
- EPSS Score: %0.44
- Published: Nov. 03, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-15945
Lua 5.4.0 (fixed in 5.4.1) has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.... Read more
Affected Products : lua- EPSS Score: %0.12
- Published: Jul. 24, 2020
- Modified: Feb. 19, 2025
-
5.5
MEDIUMCVE-2020-15709
Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify termina... Read more
Affected Products : add-apt-repository- EPSS Score: %0.05
- Published: Sep. 05, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-37379
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more
- EPSS Score: %0.86
- Published: Mar. 29, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1502
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerabili... Read more
- EPSS Score: %22.52
- Published: Aug. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1499
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request ... Read more
- EPSS Score: %1.72
- Published: Aug. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-14892
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where... Read more
Affected Products : vm_virtualbox- EPSS Score: %0.06
- Published: Oct. 21, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-14391
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a loc... Read more
Affected Products : enterprise_linux enterprise_linux_eus enterprise_linux_aus enterprise_linux_tus control_center- EPSS Score: %0.17
- Published: Feb. 08, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1391
An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.95
- Published: Jul. 14, 2020
- Modified: Nov. 21, 2024