Latest CVE Feed
-
3.3
LOWCVE-2020-19909
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may (in theory) cause a denial of service to associated s... Read more
Affected Products : curl- EPSS Score: %0.02
- Published: Aug. 22, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2016-7220
Virtual Secure Mode in Microsoft Windows 10 allows local users to obtain sensitive information via a crafted application, aka "Virtual Secure Mode Information Disclosure Vulnerability."... Read more
Affected Products : windows_10- EPSS Score: %1.46
- Published: Nov. 10, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2007-4462
lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.... Read more
Affected Products : po4a- EPSS Score: %0.07
- Published: Aug. 21, 2007
- Modified: Apr. 09, 2025
-
3.3
LOWCVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible... Read more
Affected Products : shadow- EPSS Score: %0.03
- Published: Apr. 14, 2023
- Modified: Feb. 06, 2025
-
3.3
LOWCVE-2014-3917
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large va... Read more
- EPSS Score: %0.09
- Published: Jun. 05, 2014
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2011-1089
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated... Read more
Affected Products : glibc- EPSS Score: %0.09
- Published: Apr. 10, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2010-2291
Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party ... Read more
Affected Products : voip_phone_firmware- EPSS Score: %0.10
- Published: Jun. 15, 2010
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2022-28162
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.... Read more
Affected Products : sannav- EPSS Score: %0.02
- Published: May. 09, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-40707
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more
- EPSS Score: %0.07
- Published: Sep. 28, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-20251
In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User... Read more
Affected Products : android- EPSS Score: %0.01
- Published: Aug. 11, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-22426
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and... Read more
- EPSS Score: %0.04
- Published: Jun. 10, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-36835
Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.... Read more
Affected Products : samsung_internet_browser- EPSS Score: %0.15
- Published: Aug. 05, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2017-17321
Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software pro... Read more
- EPSS Score: %0.03
- Published: Mar. 09, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2016-2974
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. IBM X-Force ID: 113934.... Read more
Affected Products : sametime- EPSS Score: %0.06
- Published: Aug. 29, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2017-17329
Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system se... Read more
- EPSS Score: %0.03
- Published: Mar. 09, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2020-9102
There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the... Read more
- EPSS Score: %0.02
- Published: Jul. 17, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2014-8610
AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-mes... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Dec. 15, 2014
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2018-7957
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain us... Read more
- EPSS Score: %0.02
- Published: Jul. 31, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-47738
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no sup... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 23, 2024
-
3.3
LOWCVE-2020-29371
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.... Read more
Affected Products : linux_kernel- EPSS Score: %0.09
- Published: Nov. 28, 2020
- Modified: Nov. 21, 2024