Latest CVE Feed
-
3.3
LOWCVE-2017-15530
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first pass across the application. As they probe the applicat... Read more
Affected Products : norton_family- EPSS Score: %0.08
- Published: Dec. 13, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2011-1486
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.... Read more
Affected Products : libvirt- EPSS Score: %0.86
- Published: May. 31, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2016-6349
The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.... Read more
Affected Products : oci-register-machine- EPSS Score: %0.13
- Published: Mar. 29, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2024-54475
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user’s current location.... Read more
Affected Products : macos- Published: Jan. 27, 2025
- Modified: Mar. 13, 2025
- Vuln Type: Information Disclosure
-
3.3
LOWCVE-2020-11867
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.... Read more
- EPSS Score: %0.05
- Published: Nov. 30, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2011-1089
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated... Read more
Affected Products : glibc- EPSS Score: %0.09
- Published: Apr. 10, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2011-2533
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.... Read more
Affected Products : dbus- EPSS Score: %0.03
- Published: Jun. 22, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2019-13762
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.... Read more
- EPSS Score: %0.03
- Published: Dec. 10, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2019-15875
In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump fil... Read more
Affected Products : freebsd- EPSS Score: %0.12
- Published: Feb. 18, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2019-15919
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.... Read more
- EPSS Score: %0.06
- Published: Sep. 04, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2014-3917
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large va... Read more
- EPSS Score: %0.09
- Published: Jun. 05, 2014
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2022-20446
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges ne... Read more
Affected Products : android- EPSS Score: %0.02
- Published: Nov. 08, 2022
- Modified: May. 01, 2025
-
3.3
LOWCVE-2023-51568
Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this ... Read more
- Published: May. 03, 2024
- Modified: Aug. 07, 2025
-
3.3
LOWCVE-2021-25404
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.... Read more
- EPSS Score: %0.06
- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-39849
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.... Read more
- EPSS Score: %0.03
- Published: Oct. 07, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2021-22365
There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of inter... Read more
- EPSS Score: %0.02
- Published: Jun. 22, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-35900
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a JP2 file containing crafted data can force an out-of-bounds read. Exp... Read more
- EPSS Score: %0.06
- Published: Jul. 15, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-24973
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
3.3
LOWCVE-2021-0994
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional ex... Read more
Affected Products : android- EPSS Score: %0.01
- Published: Dec. 15, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2016-2565
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.... Read more
- EPSS Score: %0.08
- Published: Apr. 13, 2017
- Modified: Apr. 20, 2025