Latest CVE Feed
-
3.1
LOWCVE-2017-10345
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploi... Read more
- Published: Oct. 19, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise ... Read more
- Published: Jul. 18, 2023
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2023-42119
Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. Th... Read more
Affected Products : exim- Published: May. 03, 2024
- Modified: Aug. 07, 2025
-
3.1
LOWCVE-2018-8482
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server... Read more
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2018-8481
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server... Read more
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2018-8864
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger fal... Read more
Affected Products : hpss16_firmware hpss32_firmware mhpss_firmware alert4000_firmware hpss16 hpss32 mhpss alert4000- Published: May. 25, 2018
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2025-6107
A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function set_attr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch ... Read more
Affected Products :- Published: Jun. 16, 2025
- Modified: Jun. 16, 2025
- Vuln Type: Misconfiguration
-
3.1
LOWCVE-2024-20923
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exp... Read more
- Published: Feb. 17, 2024
- Modified: Mar. 26, 2025
-
3.1
LOWCVE-2024-21005
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exp... Read more
- Published: Apr. 16, 2024
- Modified: Dec. 05, 2024
-
3.1
LOWCVE-2020-23587
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to men in the middle attack by adding New Routes... Read more
- Published: Nov. 23, 2022
- Modified: Apr. 25, 2025
-
3.1
LOWCVE-2025-1149
A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remo... Read more
Affected Products : binutils- Published: Feb. 10, 2025
- Modified: Feb. 10, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2024-45120
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alt... Read more
- Published: Oct. 10, 2024
- Modified: Dec. 12, 2024
-
3.1
LOWCVE-2017-3539
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticat... Read more
Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus jdk jre satellite +1 more products- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
3.1
LOWCVE-2016-3325
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."... Read more
- Published: Sep. 14, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2025-1151
A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexit... Read more
Affected Products : binutils- Published: Feb. 10, 2025
- Modified: Feb. 10, 2025
- Vuln Type: Memory Corruption
-
3.1
LOWCVE-2020-14796
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthentica... Read more
Affected Products : debian_linux leap active_iq_unified_manager hci_management_node solidfire oncommand_insight oncommand_unified_manager jdk jre e-series_santricity_os_controller +8 more products- Published: Oct. 21, 2020
- Modified: May. 27, 2025
-
3.1
LOWCVE-2024-2032
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. This issue was fixed in version 0.55.5. The vulnerabili... Read more
Affected Products : zenml- Published: Jun. 06, 2024
- Modified: Nov. 21, 2024
-
3.1
LOWCVE-2016-7204
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."... Read more
Affected Products : edge- Published: Nov. 10, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2016-5166
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote atta... Read more
- Published: Sep. 11, 2016
- Modified: Apr. 12, 2025
-
3.1
LOWCVE-2016-4583
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.... Read more
- Published: Jul. 22, 2016
- Modified: Apr. 12, 2025