Latest CVE Feed
-
3.4
LOWCVE-2022-41597
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025
-
3.4
LOWCVE-2022-41592
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025
-
3.4
LOWCVE-2024-20038
In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALP... Read more
- Published: Mar. 04, 2024
- Modified: Apr. 22, 2025
-
3.4
LOWCVE-2025-48979
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.... Read more
Affected Products :- Published: Aug. 29, 2025
- Modified: Aug. 29, 2025
- Vuln Type: Injection
-
3.4
LOWCVE-2025-52889
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filte... Read more
Affected Products :- Published: Jun. 25, 2025
- Modified: Jun. 26, 2025
- Vuln Type: Misconfiguration
-
3.4
LOWCVE-2025-25983
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component.... Read more
Affected Products : v380_pro- Published: Apr. 18, 2025
- Modified: Jun. 25, 2025
- Vuln Type: Information Disclosure
-
3.4
LOWCVE-2025-0167
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default... Read more
- Published: Feb. 05, 2025
- Modified: Jul. 30, 2025
- Vuln Type: Information Disclosure
-
3.4
LOWCVE-2022-41600
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025
-
3.4
LOWCVE-2023-46294
An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility umSetup. This utility requires root permissions to execute.... Read more
Affected Products :- Published: May. 01, 2024
- Modified: Nov. 21, 2024
-
3.4
LOWCVE-2025-7339
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade t... Read more
Affected Products :- Published: Jul. 17, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Misconfiguration
-
3.4
LOWCVE-2024-54010
A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists. It could allow an unauthenticated adjacent attacker to conduct a packet forwarding attack against the ICMP and UDP protocol. For this attack to be success... Read more
Affected Products :- Published: Jan. 08, 2025
- Modified: Jan. 31, 2025
- Vuln Type: Misconfiguration
-
3.4
LOWCVE-2016-3484
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.... Read more
- EPSS Score: %0.12
- Published: Jul. 21, 2016
- Modified: Apr. 12, 2025
-
3.4
LOWCVE-2024-3568
The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by ... Read more
Affected Products : transformers- Published: Apr. 10, 2024
- Modified: Nov. 21, 2024
-
3.4
LOWCVE-2019-2786
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthentic... Read more
Affected Products : ubuntu_linux enterprise_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_eus jdk jre satellite +1 more products- EPSS Score: %0.21
- Published: Jul. 23, 2019
- Modified: Nov. 21, 2024
-
3.4
LOWCVE-2022-41601
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025
-
3.4
LOWCVE-2025-30163
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies (`fromNodes` and `toNodes`) will incorrectly permit traffic to/from non-node endpoints that share the labels specified in `fromNodes` an... Read more
Affected Products : cilium- Published: Mar. 24, 2025
- Modified: Mar. 27, 2025
- Vuln Type: Authorization
-
3.4
LOWCVE-2023-38301
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto ... Read more
Affected Products :- Published: Apr. 22, 2024
- Modified: Nov. 21, 2024
-
3.4
LOWCVE-2023-0657
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside ... Read more
- Published: Nov. 17, 2024
- Modified: Nov. 18, 2024
-
3.4
LOWCVE-2022-41595
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025
-
3.4
LOWCVE-2022-41603
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.... Read more
- EPSS Score: %0.01
- Published: Oct. 14, 2022
- Modified: May. 14, 2025