Latest CVE Feed
-
3.3
LOWCVE-2016-10772
cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).... Read more
Affected Products : cpanel- EPSS Score: %0.07
- Published: Aug. 05, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2019-15339
The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app... Read more
- EPSS Score: %0.11
- Published: Nov. 14, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-27332
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more
- Published: Apr. 01, 2024
- Modified: Jul. 07, 2025
-
3.3
LOWCVE-2013-1444
A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.... Read more
- EPSS Score: %0.05
- Published: Sep. 30, 2013
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2016-4645
CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.... Read more
- EPSS Score: %0.10
- Published: Jul. 22, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2016-5615
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.... Read more
Affected Products : solaris- EPSS Score: %0.06
- Published: Oct. 25, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2015-8034
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.... Read more
Affected Products : salt- EPSS Score: %0.04
- Published: Jan. 30, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2024-50057
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fi... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 24, 2024
-
3.3
LOWCVE-2017-1381
IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152.... Read more
Affected Products : websphere_application_server- EPSS Score: %0.06
- Published: Jul. 21, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.06
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2015-9543
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setu... Read more
Affected Products : nova- EPSS Score: %0.13
- Published: Feb. 19, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-50044
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl alway... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Nov. 08, 2024
-
3.3
LOWCVE-2017-3301
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Sol... Read more
Affected Products : solaris- EPSS Score: %0.46
- Published: Jan. 27, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2013-2102
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the s... Read more
- EPSS Score: %0.16
- Published: Oct. 28, 2013
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2016-4749
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.... Read more
Affected Products : iphone_os- EPSS Score: %0.06
- Published: Sep. 18, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2023-6728
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.... Read more
Affected Products :- Published: Oct. 17, 2024
- Modified: Nov. 05, 2024
-
3.3
LOWCVE-2020-9203
There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.... Read more
- EPSS Score: %0.02
- Published: Jan. 13, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2025-24336
SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.... Read more
Affected Products :- Published: Jan. 31, 2025
- Modified: Jan. 31, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2024-5198
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.... Read more
- Published: Jan. 15, 2025
- Modified: Jun. 10, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2020-24003
Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skyp... Read more
Affected Products : skype- EPSS Score: %0.80
- Published: Jan. 11, 2021
- Modified: Nov. 21, 2024