Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2020-13253

    sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.... Read more

    Affected Products : ubuntu_linux debian_linux qemu
    • Published: May. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-13240

    The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS.... Read more

    Affected Products : dolibarr_erp\/crm
    • Published: May. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-13179

    Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashi... Read more

    Affected Products : pcoip_standard_agent graphics_agent
    • Published: Aug. 11, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-4342

    The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service (deadlock) by running the shmat function on an shm at the same time that shmctl is removing that shm (IPC_RMID), which prevents a spinlo... Read more

    Affected Products : enterprise_linux
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-1222

    Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.... Read more

    Affected Products : gpac
    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-13152

    A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of servic... Read more

    Affected Products : amarok
    • Published: May. 20, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12987

    A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.... Read more

    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-44962

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading When unload the btnxpuart driver, its associated timer will be deleted. If the timer happens to be modifi... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 04, 2024

  • 5.5

    MEDIUM
    CVE-2020-12960

    AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).... Read more

    Affected Products : windows_10 radeon_software
    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12966

    AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potenti... Read more

    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12920

    A potential denial of service issue exists in the AMD Display driver Escape 0x130007 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck.... Read more

    Affected Products : radeon_software
    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12880

    An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire ... Read more

    • Published: Jul. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12901

    Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.... Read more

    Affected Products : windows_10 radeon_software
    • Published: Nov. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12872

    yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.... Read more

    Affected Products : yaws
    • Published: May. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-3720

    Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# EM02.... Read more

    Affected Products : enterprise_manager
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2020-12771

    An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.... Read more

    • Published: May. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12767

    exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.... Read more

    Affected Products : ubuntu_linux debian_linux leap libexif
    • Published: May. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12769

    An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.... Read more

    • Published: May. 09, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12680

    Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable ... Read more

    Affected Products : free_antivirus
    • Published: May. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-12656

    gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does no... Read more

    Affected Products : linux_kernel ubuntu_linux leap
    • Published: May. 05, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293284 Results