Latest CVE Feed
-
3.3
LOWCVE-2023-21232
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl... Read more
Affected Products : android- Published: Aug. 14, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-21246
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio... Read more
Affected Products : android- Published: Jul. 13, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-27332
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more
- Published: Apr. 01, 2024
- Modified: Jul. 07, 2025
-
3.3
LOWCVE-2020-9250
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the servic... Read more
- Published: Dec. 20, 2024
- Modified: Jul. 11, 2025
-
3.3
LOWCVE-2015-5853
AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors.... Read more
- Published: Oct. 09, 2015
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.... Read more
- Published: Apr. 10, 2011
- Modified: Apr. 11, 2025
-
3.3
LOWCVE-2016-0175
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to obtain sensitive information about k... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista- Published: May. 11, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2015-0858
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.... Read more
- Published: May. 06, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2018-18386
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.... Read more
- Published: Oct. 17, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-43841
In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_res... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Oct. 29, 2024
-
3.3
LOWCVE-2023-21452
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.... Read more
- Published: Mar. 16, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2017-1000242
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure... Read more
Affected Products : git_client- Published: Nov. 01, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2022-35798
Azure Arc Jumpstart Information Disclosure Vulnerability... Read more
Affected Products : azure_arc_jumpstart- Published: May. 18, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-30618
Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression whic... Read more
Affected Products : kitchen-terraform- Published: Apr. 21, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2023-34117
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.... Read more
Affected Products : zoom_software_development_kit- Published: Jul. 11, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2022-39074
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.... Read more
- Published: May. 30, 2023
- Modified: Jan. 13, 2025
-
3.3
LOWCVE-2017-1270
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 1247... Read more
Affected Products : security_guardium- Published: Dec. 20, 2017
- Modified: Apr. 20, 2025
-
3.3
LOWCVE-2023-3669
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.... Read more
Affected Products : development_system- Published: Aug. 03, 2023
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2018-5693
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.... Read more
Affected Products : magicspam- Published: Jan. 14, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2024-20810
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.... Read more
- Published: Feb. 06, 2024
- Modified: Nov. 21, 2024