Latest CVE Feed
-
2.1
LOWCVE-2005-4690
Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory as a blog's top-level directory. NOTE: this issue can ... Read more
Affected Products : movable_type- EPSS Score: %0.08
- Published: Dec. 31, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-1737
Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users to overwrite arbitrary files.... Read more
Affected Products : security_linux- EPSS Score: %0.08
- Published: Dec. 31, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0471
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of serv... Read more
Affected Products : weblogic_server- EPSS Score: %0.06
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-1668
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor ... Read more
- EPSS Score: %0.09
- Published: Dec. 31, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1270
Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files.... Read more
Affected Products : pkzip- EPSS Score: %0.14
- Published: Jul. 12, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0481
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.... Read more
- EPSS Score: %0.05
- Published: Feb. 23, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-1610
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.... Read more
- EPSS Score: %0.13
- Published: Aug. 30, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-1999-1297
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.... Read more
Affected Products : sunos- EPSS Score: %0.13
- Published: Jul. 15, 1998
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-1109
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.... Read more
Affected Products : virus_scanner- EPSS Score: %0.07
- Published: Oct. 04, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2007-1194
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows... Read more
Affected Products : norman_sandbox_analyzer- EPSS Score: %0.07
- Published: Mar. 02, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2004-1204
FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application crash) by calling Xman with a long -title value, possibly triggering a buffer overflow.... Read more
Affected Products : fluxbot- EPSS Score: %0.06
- Published: Jan. 10, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-1999-1402
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the progra... Read more
- EPSS Score: %0.27
- Published: May. 17, 1997
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-0521
SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges.... Read more
Affected Products : sendlink- EPSS Score: %0.18
- Published: Feb. 23, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-6216
Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and earlier allows local users to gain privileges via unknown vectors.... Read more
- EPSS Score: %0.12
- Published: Apr. 12, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4768
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot ... Read more
- EPSS Score: %0.36
- Published: Jun. 28, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2003-1295
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."... Read more
- EPSS Score: %0.06
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2014-5038
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files.... Read more
Affected Products : eucalyptus- EPSS Score: %0.06
- Published: Nov. 07, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2003-1246
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.... Read more
Affected Products : integrity_protection_driver- EPSS Score: %0.06
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-3268
yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.... Read more
Affected Products : yiff_server- EPSS Score: %0.06
- Published: Oct. 20, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-0346
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.... Read more
Affected Products : softremote_vpn_client- EPSS Score: %0.07
- Published: May. 02, 2005
- Modified: Apr. 03, 2025