Latest CVE Feed
-
5.5
MEDIUMCVE-2012-4573
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.... Read more
- EPSS Score: %0.99
- Published: Nov. 11, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2019-1010250
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The component is: createFlow() and createFlows() functions ... Read more
Affected Products : open_network_operating_system- EPSS Score: %0.19
- Published: Jul. 18, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: ... Read more
- EPSS Score: %0.62
- Published: Jul. 11, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-4408
course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.... Read more
Affected Products : moodle- EPSS Score: %0.17
- Published: Sep. 19, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2023-23456
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.... Read more
- EPSS Score: %0.01
- Published: Jan. 12, 2023
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot)... Read more
- EPSS Score: %2.56
- Published: Jul. 22, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2023-23409
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_10_22h2 windows_server_2022 +7 more products- EPSS Score: %1.02
- Published: Mar. 14, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-2402
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.... Read more
Affected Products : wordpress- EPSS Score: %1.00
- Published: Apr. 21, 2012
- Modified: Apr. 11, 2025
-
5.5
MEDIUMCVE-2019-15704
A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.... Read more
Affected Products : forticlient- EPSS Score: %0.02
- Published: Nov. 21, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0942
An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry, aka 'Unified Write Filter Elevation of Privilege Vulnerability'.... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- EPSS Score: %0.35
- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.... Read more
- EPSS Score: %0.15
- Published: Dec. 05, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUM- EPSS Score: %0.15
- Published: Nov. 19, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0864
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.... Read more
- EPSS Score: %0.13
- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0848
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- EPSS Score: %1.00
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0767
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- EPSS Score: %0.91
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0755
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- EPSS Score: %0.60
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2023-0838
An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This add... Read more
Affected Products : gitlab- EPSS Score: %0.53
- Published: Apr. 05, 2023
- Modified: Feb. 10, 2025
-
5.5
MEDIUMCVE-2021-45292
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.... Read more
Affected Products : gpac- EPSS Score: %0.07
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2019-0759
An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- EPSS Score: %0.40
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-26321
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.... Read more
Affected Products : epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware epyc_7552_firmware +104 more products- EPSS Score: %0.15
- Published: Nov. 16, 2021
- Modified: Nov. 21, 2024