Latest CVE Feed
-
5.5
MEDIUMCVE-2022-28855
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Ex... Read more
- EPSS Score: %0.03
- Published: Sep. 16, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-28191
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service.... Read more
Affected Products : virtual_gpu- EPSS Score: %0.07
- Published: May. 17, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-28190
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service.... Read more
Affected Products : gpu_display_driver- EPSS Score: %0.12
- Published: May. 17, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-28189
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash.... Read more
Affected Products : gpu_display_driver- EPSS Score: %0.12
- Published: May. 17, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-28187
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where the memory management software does not release a resource after its effective lifetime has ended, which may lead to denial of service.... Read more
Affected Products : gpu_display_driver- EPSS Score: %0.04
- Published: May. 17, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27938
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.... Read more
Affected Products : libsixel- EPSS Score: %0.13
- Published: Mar. 26, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27636
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.... Read more
- EPSS Score: %0.23
- Published: May. 05, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-15104
In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For example, with a SAN of *.example.com, Envoy would incorre... Read more
Affected Products : envoy- EPSS Score: %0.12
- Published: Jul. 14, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27148
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.... Read more
Affected Products : gpac- EPSS Score: %0.10
- Published: Apr. 08, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-27135
xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary.... Read more
Affected Products : xpdf- EPSS Score: %0.15
- Published: Apr. 25, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1505
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To expl... Read more
- EPSS Score: %1.17
- Published: Aug. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1500
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request ... Read more
- EPSS Score: %1.96
- Published: Aug. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-26878
drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers have memory allocated but not freed).... Read more
Affected Products : linux_kernel- EPSS Score: %0.08
- Published: Mar. 11, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-26724
An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication.... Read more
Affected Products : tvos- EPSS Score: %0.04
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-1485
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +9 more products- EPSS Score: %0.49
- Published: Aug. 17, 2020
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-26712
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system.... Read more
Affected Products : macos- EPSS Score: %0.39
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-26102
Due to missing authorization check, SAP NetWeaver Application Server for ABAP - versions 700, 701, 702, 731, allows an authenticated attacker, to access content on the start screen of any transaction that is available with in the same SAP system even if h... Read more
Affected Products : netweaver_application_server_abap- EPSS Score: %0.18
- Published: Mar. 10, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2017-6961
An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amo... Read more
Affected Products : apng2gif- EPSS Score: %0.14
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2022-25484
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.... Read more
Affected Products : tcpreplay- EPSS Score: %0.13
- Published: Mar. 22, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-25327
The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that ... Read more
Affected Products : fscrypt- EPSS Score: %0.04
- Published: Feb. 25, 2022
- Modified: Nov. 21, 2024