Latest CVE Feed
-
3.1
LOWCVE-2025-7882
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown processing of the component Login. The manipulation leads to improper restriction of excessive authentication att... Read more
Affected Products :- Published: Jul. 20, 2025
- Modified: Jul. 22, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2017-11791
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Serve... Read more
- EPSS Score: %15.44
- Published: Nov. 15, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2025-47279
Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the appl... Read more
Affected Products : undici- Published: May. 15, 2025
- Modified: May. 16, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2017-10345
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploi... Read more
- EPSS Score: %0.52
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2017-15352
Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C0... Read more
- EPSS Score: %0.03
- Published: Feb. 15, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise ... Read more
- EPSS Score: %0.12
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2024-13293
Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2.... Read more
Affected Products :- Published: Jan. 09, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Cross-Site Request Forgery
-
3.1
LOWCVE-2023-22048
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple p... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- EPSS Score: %0.12
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2020-3894
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restrict... Read more
- EPSS Score: %0.64
- Published: Apr. 01, 2020
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2020-15005
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user cou... Read more
- EPSS Score: %0.88
- Published: Jun. 24, 2020
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-17282
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006... Read more
Affected Products : dp300_firmware te60_firmware rp200_firmware te30_firmware te40_firmware te50_firmware te30 te40 te50 te60 +2 more products- EPSS Score: %0.05
- Published: Mar. 09, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-3539
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticat... Read more
Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus jdk jre satellite +1 more products- EPSS Score: %0.50
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2016-0125
Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."... Read more
Affected Products : edge- EPSS Score: %4.49
- Published: Mar. 09, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2016-7204
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."... Read more
Affected Products : edge- EPSS Score: %18.60
- Published: Nov. 10, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2022-30629
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.... Read more
Affected Products : go- EPSS Score: %0.07
- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2021-24000
A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led... Read more
Affected Products : firefox- EPSS Score: %0.23
- Published: Jun. 24, 2021
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2020-14798
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthentica... Read more
Affected Products : debian_linux leap active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_unified_manager jdk jre e-series_santricity_os_controller +8 more products- EPSS Score: %0.25
- Published: Oct. 21, 2020
- Modified: May. 27, 2025
-
3.1
LOWCVE-2025-1400
Out-of-bounds Read vulnerability in unpack_response (conn.c) in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network.... Read more
Affected Products :- Published: May. 07, 2025
- Modified: May. 07, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2025-32787
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` do... Read more
Affected Products :- Published: Apr. 16, 2025
- Modified: Apr. 17, 2025
- Vuln Type: Denial of Service
-
3.1
LOWCVE-2017-10193
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticat... Read more
- EPSS Score: %0.38
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025