Latest CVE Feed
-
3.3
LOWCVE-2024-56810
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more
- Published: Feb. 27, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2024-56493
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more
- Published: Feb. 27, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2024-56811
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more
- Published: Feb. 27, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2025-21851
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, arena_htab tests cause a segmentation fault and soft lockup. The same failure... Read more
Affected Products : linux_kernel- Published: Mar. 12, 2025
- Modified: Mar. 13, 2025
- Vuln Type: Misconfiguration
-
3.3
LOWCVE-2025-0759
IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization.... Read more
- Published: Feb. 27, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Race Condition
-
3.3
LOWCVE-2025-46718
sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows ... Read more
Affected Products : sudo- Published: May. 12, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Authorization
-
3.3
LOWCVE-2023-34406
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With pr... Read more
Affected Products : headunit_ntg6_mercedes-benz_user_experience- Published: Feb. 13, 2025
- Modified: Jun. 27, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2025-27496
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver wou... Read more
Affected Products : snowflake_jdbc- Published: Mar. 13, 2025
- Modified: Aug. 22, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2024-56495
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more
- Published: Feb. 27, 2025
- Modified: Jul. 07, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2020-4629
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-F... Read more
- EPSS Score: %0.09
- Published: Sep. 30, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2011-1681
vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of... Read more
Affected Products : open-vm-tools- EPSS Score: %0.09
- Published: Apr. 10, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2016-3711
HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.... Read more
- EPSS Score: %0.05
- Published: Jun. 08, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2017-18196
Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper ... Read more
Affected Products : leptonica- EPSS Score: %0.04
- Published: Feb. 23, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem.... Read more
Affected Products :- Published: Mar. 27, 2024
- Modified: Nov. 29, 2024
-
3.3
LOWCVE-2012-1174
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user sess... Read more
- EPSS Score: %0.12
- Published: Jul. 12, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2009-5082
The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files vi... Read more
- EPSS Score: %0.03
- Published: Jun. 30, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2019-8730
The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.... Read more
- EPSS Score: %0.12
- Published: Dec. 18, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2014-0249
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.... Read more
- EPSS Score: %0.06
- Published: Jun. 11, 2014
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2010-0118
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.... Read more
Affected Products : bournal- EPSS Score: %0.04
- Published: Feb. 25, 2010
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2011-0012
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name.... Read more
- EPSS Score: %0.03
- Published: Apr. 18, 2011
- Modified: Apr. 11, 2025