Latest CVE Feed
-
3.3
LOWCVE-2024-23462
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4. ... Read more
Affected Products : client_connector- Published: May. 02, 2024
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-24069
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a se... Read more
- EPSS Score: %0.07
- Published: Jan. 23, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-28584
Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.... Read more
Affected Products : freeimage- Published: Mar. 20, 2024
- Modified: Mar. 28, 2025
-
3.3
LOWCVE-2024-24973
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
3.3
LOWCVE-2015-4774
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4779 an... Read more
Affected Products : berkeley_db- EPSS Score: %0.08
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2022-35903
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file containing crafted data can force an out-of-bounds read. Exp... Read more
- EPSS Score: %0.06
- Published: Jul. 15, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-40708
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more
- EPSS Score: %0.07
- Published: Sep. 28, 2022
- Modified: May. 20, 2025
-
3.3
LOWCVE-2019-14671
Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fin... Read more
Affected Products : firefly_iii- EPSS Score: %0.05
- Published: Aug. 05, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2021-31815
GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity ... Read more
- EPSS Score: %0.01
- Published: Apr. 28, 2021
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2013-4209
Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.... Read more
Affected Products : automatic_bug_reporting_tool- EPSS Score: %0.04
- Published: May. 01, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2019-14396
API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495).... Read more
Affected Products : cpanel- EPSS Score: %0.07
- Published: Jul. 30, 2019
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2020-2291
Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.... Read more
Affected Products : couchdb-statistics- EPSS Score: %0.01
- Published: Oct. 08, 2020
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2011-3574
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server.... Read more
Affected Products : communications_unified- EPSS Score: %0.06
- Published: Jan. 18, 2012
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2017-8418
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users.... Read more
Affected Products : rubocop- EPSS Score: %0.06
- Published: May. 02, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2013-5636
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism b... Read more
Affected Products : endpoint_security- EPSS Score: %0.03
- Published: Nov. 30, 2013
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2015-4033
Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000.... Read more
Affected Products : s-beam- EPSS Score: %0.43
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2008-4908
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.... Read more
- EPSS Score: %0.03
- Published: Nov. 04, 2008
- Modified: Apr. 09, 2025
-
3.3
LOWCVE-2018-1000150
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.... Read more
Affected Products : reverse_proxy_auth- EPSS Score: %0.01
- Published: Apr. 05, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-20335
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction... Read more
Affected Products : android- EPSS Score: %0.02
- Published: Aug. 12, 2022
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-45674
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files tha... Read more
- Published: Feb. 22, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Information Disclosure