Latest CVE Feed
-
5.5
MEDIUMCVE-2020-12458
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted... Read more
- Published: Apr. 29, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1361
An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system, aka 'Windows WalletService Information Disclosure Vulnerability'.... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- Published: Jul. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12475
TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.... Read more
- Published: May. 04, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12365
Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of service via local access.... Read more
Affected Products : graphics_drivers- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12372
Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.... Read more
Affected Products : graphics_drivers- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12364
Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.... Read more
- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12295
Improper input validation in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : jhl6240_thunderbolt_3_firmware jhl6340_thunderbolt_3_firmware jhl6540_thunderbolt_3_firmware jhl7040_thunderbolt_3_retimer_firmware jhl7340_thunderbolt_3_firmware jhl7440_thunderbolt_3_firmware jhl7540_thunderbolt_3_firmware jhl8010r_usb_retimer_firmware dsl5320_thunderbolt_2_firmware dsl5520_thunderbolt_2_firmware +16 more products- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12292
Improper conditions check in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : jhl6240_thunderbolt_3_firmware jhl6340_thunderbolt_3_firmware jhl6540_thunderbolt_3_firmware jhl7040_thunderbolt_3_retimer_firmware jhl7340_thunderbolt_3_firmware jhl7440_thunderbolt_3_firmware jhl7540_thunderbolt_3_firmware jhl8010r_usb_retimer_firmware dsl5320_thunderbolt_2_firmware dsl5520_thunderbolt_2_firmware +16 more products- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12291
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : jhl6240_thunderbolt_3_firmware jhl6340_thunderbolt_3_firmware jhl6540_thunderbolt_3_firmware jhl7040_thunderbolt_3_retimer_firmware jhl7340_thunderbolt_3_firmware jhl7440_thunderbolt_3_firmware jhl7540_thunderbolt_3_firmware jhl8010r_usb_retimer_firmware dsl5320_thunderbolt_2_firmware dsl5520_thunderbolt_2_firmware +16 more products- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12289
Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : jhl6240_thunderbolt_3_firmware jhl6340_thunderbolt_3_firmware jhl6540_thunderbolt_3_firmware jhl7040_thunderbolt_3_retimer_firmware jhl7340_thunderbolt_3_firmware jhl7440_thunderbolt_3_firmware jhl7540_thunderbolt_3_firmware jhl8010r_usb_retimer_firmware dsl5320_thunderbolt_2_firmware dsl5520_thunderbolt_2_firmware +16 more products- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12038
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 50... Read more
- Published: May. 19, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11937
In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.... Read more
- Published: Aug. 06, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11924
An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device.... Read more
- Published: Apr. 02, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11863
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).... Read more
- Published: May. 11, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11833
In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability.... Read more
- Published: Dec. 31, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11923
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.... Read more
- Published: Apr. 02, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11832
In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability.... Read more
- Published: Dec. 31, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0074
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. This issue only affects NFX150... Read more
- Published: Oct. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11762
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.... Read more
Affected Products : ubuntu_linux fedora debian_linux leap openexr itunes mac_os_x iphone_os tvos watchos +2 more products- Published: Apr. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-11760
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.... Read more
Affected Products : ubuntu_linux fedora debian_linux leap openexr itunes mac_os_x iphone_os tvos watchos +2 more products- Published: Apr. 14, 2020
- Modified: Nov. 21, 2024