Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-12155

    Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : integrated_performance_primitives
    • Published: Dec. 05, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12154

    Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and cr... Read more

    Affected Products : graphics_driver graphics_driver
    • Published: Oct. 15, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-12153

    Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially c... Read more

    Affected Products : graphics_driver
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-12152

    Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary W... Read more

    Affected Products : graphics_driver
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12151

    Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access.... Read more

    Affected Products : extreme_tuning_utility
    • Published: Sep. 12, 2018
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2018-12150

    Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.... Read more

    Affected Products : extreme_tuning_utility
    • Published: Sep. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12149

    Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access.... Read more

    Affected Products : extreme_tuning_utility
    • Published: Sep. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-12148

    Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.... Read more

    Affected Products : driver_\&_support_assistant
    • Published: Sep. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-12147

    Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enab... Read more

    • Published: Jun. 13, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-12131

    Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.... Read more

    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2018-12130

    Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacte... Read more

    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2018-12127

    Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted pr... Read more

    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.6

    MEDIUM
    CVE-2018-12126

    Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impac... Read more

    • Published: May. 30, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2018-12120

    Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers ... Read more

    Affected Products : node.js
    • Published: Nov. 28, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-12116

    Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, un... Read more

    • Published: Nov. 28, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-12115

    In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a singl... Read more

    • Published: Aug. 21, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-12114

    Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.... Read more

    Affected Products : maccms
    • Published: Jun. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-12113

    Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response.... Read more

    Affected Products : core_ftp
    • Published: Jul. 05, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-12112

    md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.... Read more

    Affected Products : md4c
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-12111

    Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.... Read more

    Affected Products : efi_printme
    • Published: Jun. 11, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294071 Results