Latest CVE Feed
-
3.3
LOWCVE-2017-1422
IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information. IBM X-Force ID: 127412.... Read more
Affected Products : maas360_dtm- EPSS Score: %0.13
- Published: Aug. 22, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2022-22426
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and... Read more
- EPSS Score: %0.04
- Published: Jun. 10, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2018-20897
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation system (SEC-395).... Read more
Affected Products : cpanel- EPSS Score: %0.07
- Published: Aug. 01, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2016-0380
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.... Read more
Affected Products : sterling_connect\- EPSS Score: %0.04
- Published: Aug. 08, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2007-5981
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenance of this information is unknown; the details are obtain... Read more
Affected Products : scs3200- EPSS Score: %0.22
- Published: Nov. 15, 2007
- Modified: Apr. 09, 2025
-
3.3
LOWCVE-2019-14412
Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).... Read more
Affected Products : cpanel- EPSS Score: %0.07
- Published: Jul. 30, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2012-0300
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors.... Read more
Affected Products : message_filter- EPSS Score: %0.43
- Published: Jul. 05, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2012-1593
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.... Read more
Affected Products : wireshark- EPSS Score: %1.77
- Published: Apr. 11, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2012-2393
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) v... Read more
Affected Products : wireshark- EPSS Score: %1.40
- Published: Jun. 30, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2022-37394
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvta... Read more
Affected Products : nova- EPSS Score: %0.05
- Published: Aug. 03, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-48852
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more
Affected Products : linux_kernel- Published: Jul. 16, 2024
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-34321
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a gues... Read more
Affected Products : xen- EPSS Score: %0.06
- Published: Jan. 05, 2024
- Modified: Apr. 17, 2025
-
3.3
LOWCVE-2020-14354
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulner... Read more
- EPSS Score: %0.19
- Published: May. 13, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2021-46971
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit i... Read more
Affected Products : linux_kernel- Published: Feb. 27, 2024
- Modified: Jan. 08, 2025
-
3.3
LOWCVE-2024-53870
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more
Affected Products : cuda_toolkit- Published: Feb. 25, 2025
- Modified: Feb. 25, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2024-53872
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial ... Read more
Affected Products : cuda_toolkit- Published: Feb. 25, 2025
- Modified: Feb. 25, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2023-38605
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.... Read more
- EPSS Score: %0.08
- Published: Sep. 06, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2012-4293
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (a... Read more
- EPSS Score: %0.97
- Published: Aug. 16, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2020-11869
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A maliciou... Read more
Affected Products : qemu- EPSS Score: %0.09
- Published: Apr. 27, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2013-2105
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.... Read more
Affected Products : show_in_browser- EPSS Score: %0.06
- Published: Apr. 22, 2014
- Modified: Apr. 12, 2025