Latest CVE Feed
-
3.1
LOWCVE-2025-2093
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone nu... Read more
Affected Products : online_library_management_system- Published: Mar. 07, 2025
- Modified: Apr. 03, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2025-10252
A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of the component Java RMI Registry Handler. This manipulation causes deserialization. The attack can only be done within the local network. The attack is conside... Read more
Affected Products :- Published: Sep. 11, 2025
- Modified: Sep. 11, 2025
- Vuln Type: Information Disclosure
-
3.1
LOWCVE-2025-22233
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring ... Read more
Affected Products : spring_framework- Published: May. 16, 2025
- Modified: May. 19, 2025
- Vuln Type: Authorization
-
3.1
LOWCVE-2023-38158
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability... Read more
Affected Products : edge_chromium- Published: Aug. 21, 2023
- Modified: Feb. 28, 2025
-
3.1
LOWCVE-2024-21174
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privile... Read more
Affected Products : database_server- Published: Jul. 16, 2024
- Modified: Jun. 18, 2025
-
3.1
LOWCVE-2025-26479
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.... Read more
- Published: Apr. 10, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2025-7703
Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Authentication
-
3.1
LOWCVE-2025-0625
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possib... Read more
Affected Products : school_management_software- Published: Jan. 22, 2025
- Modified: Mar. 28, 2025
-
3.1
LOWCVE-2023-4579
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine.... Read more
Affected Products : firefox- Published: Sep. 11, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2021-22898
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV... Read more
Affected Products : fedora debian_linux curl communications_cloud_native_core_network_slice_selection_function communications_cloud_native_core_network_repository_function sinec_infrastructure_network_services essbase universal_forwarder communications_cloud_native_core_network_function_cloud_native_environment communications_cloud_native_core_binding_support_function +2 more products- Published: Jun. 11, 2021
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2023-49619
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will o... Read more
Affected Products : answer- Published: Jan. 10, 2024
- Modified: Jun. 11, 2025
-
3.1
LOWCVE-2018-8864
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger fal... Read more
Affected Products : hpss16_firmware hpss32_firmware mhpss_firmware alert4000_firmware hpss16 hpss32 mhpss alert4000- Published: May. 25, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-10345
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploi... Read more
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2017-11791
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Serve... Read more
- Published: Nov. 15, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise ... Read more
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOW- Published: Jan. 31, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Authorization
-
3.1
LOWCVE-2016-3325
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."... Read more
- Published: Sep. 14, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2020-3894
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restrict... Read more
- Published: Apr. 01, 2020
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2017-15352
Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C0... Read more
- Published: Feb. 15, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2021-24000
A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led... Read more
Affected Products : firefox- Published: Jun. 24, 2021
- Modified: Nov. 21, 2024