Latest CVE Feed
-
5.5
MEDIUMCVE-2015-2672
The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cau... Read more
Affected Products : linux_kernel- EPSS Score: %0.04
- Published: May. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2019-1163
A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, a... Read more
- EPSS Score: %2.24
- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1158
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There a... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products- EPSS Score: %0.90
- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1142
An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.... Read more
- EPSS Score: %0.46
- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-5295
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.... Read more
Affected Products : podofo- EPSS Score: %0.37
- Published: Jan. 08, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-1931
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local ... Read more
- EPSS Score: %0.04
- Published: Sep. 29, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1093
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097.... Read more
- EPSS Score: %1.43
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1091
An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.93
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1010302
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.... Read more
- EPSS Score: %0.09
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1010301
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.... Read more
- EPSS Score: %0.13
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-10018
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.... Read more
- EPSS Score: %0.49
- Published: Mar. 25, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-9892
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain... Read more
- EPSS Score: %0.16
- Published: Aug. 06, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2019-0848
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.... Read more
- EPSS Score: %1.00
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0844
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.... Read more
- EPSS Score: %0.98
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0837
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.98
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0796
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836... Read more
- EPSS Score: %3.43
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0782
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-20... Read more
- EPSS Score: %0.91
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0767
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure ... Read more
- EPSS Score: %0.91
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0759
An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.40
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-50182
In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This is the case for example on some arm64 configur... Read more
Affected Products : linux_kernel- Published: Nov. 08, 2024
- Modified: Nov. 29, 2024