Latest CVE Feed
-
5.5
MEDIUMCVE-2021-40562
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.... Read more
Affected Products : gpac- EPSS Score: %0.08
- Published: Jan. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-40559
A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.... Read more
Affected Products : gpac- EPSS Score: %0.07
- Published: Jan. 12, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1282
An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.57
- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1263
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.... Read more
- EPSS Score: %13.77
- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-3149
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.... Read more
- EPSS Score: %0.07
- Published: Jul. 25, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2022-47336
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.... Read more
- EPSS Score: %0.02
- Published: Apr. 11, 2023
- Modified: Feb. 10, 2025
-
5.5
MEDIUMCVE-2015-2672
The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cau... Read more
Affected Products : linux_kernel- EPSS Score: %0.04
- Published: May. 02, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2019-1163
A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, a... Read more
- EPSS Score: %2.24
- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1158
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There a... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products- EPSS Score: %0.90
- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1142
An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.... Read more
- EPSS Score: %0.46
- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-5295
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.... Read more
Affected Products : podofo- EPSS Score: %0.37
- Published: Jan. 08, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-1931
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local ... Read more
- EPSS Score: %0.04
- Published: Sep. 29, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1093
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097.... Read more
- EPSS Score: %1.43
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1091
An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.... Read more
- EPSS Score: %0.93
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1010302
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.... Read more
- EPSS Score: %0.09
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1010301
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.... Read more
- EPSS Score: %0.13
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-10018
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.... Read more
- EPSS Score: %0.49
- Published: Mar. 25, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-9892
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain... Read more
- EPSS Score: %0.16
- Published: Aug. 06, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2019-0848
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.... Read more
- EPSS Score: %1.00
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0844
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.... Read more
- EPSS Score: %0.98
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024