Latest CVE Feed
-
2.8
LOWCVE-2024-3480
An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.... Read more
Affected Products :- Published: May. 03, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2024-53921
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.... Read more
- Published: Dec. 03, 2024
- Modified: Jun. 03, 2025
-
2.8
LOWCVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.... Read more
Affected Products : pcm600- Published: Jun. 10, 2016
- Modified: Apr. 12, 2025
-
2.8
LOWCVE-2023-31028
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service.... Read more
Affected Products :- Published: Apr. 05, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2025-48930
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues.... Read more
Affected Products : telemessage- Published: May. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Information Disclosure
-
2.8
LOWCVE-2018-3084
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w... Read more
Affected Products : mysql oncommand_insight oncommand_workflow_automation snapcenter storage_automation_store mysql_server- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2025-54314
Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take con... Read more
Affected Products :- Published: Jul. 20, 2025
- Modified: Aug. 10, 2025
- Vuln Type: Injection
-
2.8
LOWCVE-2024-22384
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : trace_analyzer_and_collector- Published: May. 16, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Acco... Read more
Affected Products : sql_developer- Published: Oct. 21, 2020
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2023-41817
An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.... Read more
Affected Products :- Published: May. 03, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2023-41824
An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data. ... Read more
Affected Products :- Published: May. 03, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2024-0080
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. ... Read more
Affected Products :- Published: Apr. 05, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2015-2566
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
2.8
LOWCVE-2014-2432
Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.... Read more
- Published: Apr. 16, 2014
- Modified: Apr. 12, 2025
-
2.8
LOWCVE-2012-1743
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.... Read more
Affected Products : industry_applications- Published: Jul. 17, 2012
- Modified: Apr. 11, 2025
-
2.8
LOWCVE-2016-3272
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted applica... Read more
- Published: Jul. 13, 2016
- Modified: Apr. 12, 2025
-
2.8
LOWCVE-2013-6398
The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.... Read more
Affected Products : cloudstack- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
2.8
LOWCVE-2016-5480
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.... Read more
Affected Products : solaris- Published: Oct. 25, 2016
- Modified: Apr. 12, 2025
-
2.8
LOWCVE-2024-3479
An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.... Read more
Affected Products :- Published: May. 03, 2024
- Modified: Nov. 21, 2024
-
2.8
LOWCVE-2025-54781
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token ca... Read more
Affected Products :- Published: Aug. 02, 2025
- Modified: Aug. 04, 2025
- Vuln Type: Information Disclosure