Latest CVE Feed
-
3.1
LOWCVE-2022-36117
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access co... Read more
Affected Products : blue_prism- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2016-3428
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors related to Engineering Communication Interface.... Read more
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2023-22128
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via rquota to compromise Or... Read more
- Published: Oct. 17, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2025-46720
Keystone is a content management system for Node.js. Prior to version 6.5.0, `{field}.isFilterable` access control can be bypassed in `update` and `delete` mutations by adding additional unique filters. These filters can be used as an oracle to probe the ... Read more
Affected Products : keystone- Published: May. 05, 2025
- Modified: May. 05, 2025
- Vuln Type: Authorization
-
3.1
LOWCVE-2025-2349
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to passw... Read more
Affected Products :- Published: Mar. 16, 2025
- Modified: Mar. 16, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2025-2341
A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The attack needs to be initiated withi... Read more
Affected Products :- Published: Mar. 16, 2025
- Modified: Mar. 16, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2016-7199
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."... Read more
- Published: Nov. 10, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2016-9697
An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference #: 1999960... Read more
Affected Products : rational_rhapsody_design_manager- Published: Mar. 20, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2025-48463
Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tamp... Read more
Affected Products : wise-4060lan_firmware wise-4060lan wise-4050lan_firmware wise-4050lan wise-4010lan_firmware wise-4010lan- Published: Jun. 24, 2025
- Modified: Jul. 09, 2025
- Vuln Type: Cryptography
-
3.1
LOWCVE-2025-30197
Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture it.... Read more
Affected Products :- Published: Mar. 19, 2025
- Modified: Mar. 21, 2025
- Vuln Type: Information Disclosure
-
3.1
LOWCVE-2018-3139
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthe... Read more
- Published: Oct. 17, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2019-2422
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with... Read more
- Published: Jan. 16, 2019
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2019-2493
Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated attacker wit... Read more
- Published: Jan. 16, 2019
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2020-14796
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthentica... Read more
Affected Products : debian_linux leap active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_unified_manager jdk jre e-series_santricity_os_controller +8 more products- Published: Oct. 21, 2020
- Modified: May. 27, 2025
-
3.1
LOWCVE-2017-11791
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Serve... Read more
- Published: Nov. 15, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2018-0878
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an infor... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016- Published: Mar. 14, 2018
- Modified: Apr. 04, 2025
-
3.1
LOWCVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise ... Read more
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-10345
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploi... Read more
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2017-11833
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected browser, due to how Microsoft Edge handles cross-origin re... Read more
- Published: Nov. 15, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2016-3274
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."... Read more
- Published: Jul. 13, 2016
- Modified: Apr. 12, 2025