Latest CVE Feed
-
3.1
LOWCVE-2025-1400
Out-of-bounds Read vulnerability in unpack_response (conn.c) in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network.... Read more
Affected Products :- Published: May. 07, 2025
- Modified: May. 07, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2024-45120
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alt... Read more
- Published: Oct. 10, 2024
- Modified: Dec. 12, 2024
-
3.1
LOWCVE-2025-32787
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` do... Read more
Affected Products :- Published: Apr. 16, 2025
- Modified: Apr. 17, 2025
- Vuln Type: Denial of Service
-
3.1
LOWCVE-2017-10193
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticat... Read more
- EPSS Score: %0.38
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2020-14798
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthentica... Read more
Affected Products : debian_linux leap active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_unified_manager jdk jre e-series_santricity_os_controller +8 more products- EPSS Score: %0.25
- Published: Oct. 21, 2020
- Modified: May. 27, 2025
-
3.1
LOWCVE-2017-17282
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006... Read more
Affected Products : dp300_firmware te60_firmware rp200_firmware te30_firmware te40_firmware te50_firmware te30 te40 te50 te60 +2 more products- EPSS Score: %0.05
- Published: Mar. 09, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2024-39458
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of se... Read more
Affected Products :- Published: Jun. 26, 2024
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2024-43411
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, th... Read more
Affected Products : ckeditor- Published: Aug. 21, 2024
- Modified: Aug. 21, 2024
-
3.1
LOWCVE-2025-30197
Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture it.... Read more
Affected Products :- Published: Mar. 19, 2025
- Modified: Mar. 21, 2025
- Vuln Type: Information Disclosure
-
3.1
LOWCVE-2024-21003
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more
- Published: Apr. 16, 2024
- Modified: Mar. 29, 2025
-
3.1
LOWCVE-2024-21005
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more
- Published: Apr. 16, 2024
- Modified: Dec. 05, 2024
-
3.1
LOWCVE-2024-21231
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker wit... Read more
- Published: Oct. 15, 2024
- Modified: Mar. 13, 2025
-
3.1
LOWCVE-2018-8862
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.... Read more
Affected Products : hpss16_firmware hpss32_firmware mhpss_firmware alert4000_firmware hpss16 hpss32 mhpss alert4000- EPSS Score: %0.20
- Published: May. 25, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2023-22048
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple p... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- EPSS Score: %0.12
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-3539
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticat... Read more
Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus jdk jre satellite +1 more products- EPSS Score: %0.50
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2023-4579
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine.... Read more
Affected Products : firefox- EPSS Score: %0.17
- Published: Sep. 11, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2018-8366
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.... Read more
- EPSS Score: %2.06
- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2016-3325
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."... Read more
- EPSS Score: %37.46
- Published: Sep. 14, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2019-2449
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to... Read more
Affected Products : enterprise_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus oncommand_unified_manager oncommand_workflow_automation jdk jre snapmanager +1 more products- EPSS Score: %2.94
- Published: Jan. 16, 2019
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2018-8482
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server... Read more
- EPSS Score: %2.46
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024