Latest CVE Feed
-
2.1
LOWCVE-2009-2910
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 proces... Read more
Affected Products : linux_kernel ubuntu_linux fedora enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus virtualization opensuse linux_enterprise_server +3 more products- EPSS Score: %0.05
- Published: Oct. 20, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2015-4813
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Co... Read more
- EPSS Score: %0.06
- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2011-0685
The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.... Read more
Affected Products : opera_browser- EPSS Score: %0.07
- Published: Jan. 31, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-3196
The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.... Read more
Affected Products : domain_technologie_control- EPSS Score: %0.05
- Published: Mar. 21, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2017-2752
A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a re... Read more
Affected Products : tommy_hilfiger_th24\/7- EPSS Score: %0.11
- Published: Mar. 27, 2019
- Modified: Nov. 21, 2024
-
2.1
LOWCVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.... Read more
Affected Products : forticlient- EPSS Score: %0.56
- Published: Sep. 03, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-0988
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.... Read more
Affected Products : cx-programmer- EPSS Score: %0.06
- Published: Oct. 06, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-2027
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.... Read more
Affected Products : websphere_extreme_scale- EPSS Score: %0.14
- Published: Oct. 04, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-4452
Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files.... Read more
Affected Products : jboss_operations_network- EPSS Score: %0.05
- Published: Dec. 24, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-8536
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.... Read more
Affected Products : network_data_loss_prevention- EPSS Score: %0.06
- Published: Oct. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-3976
The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the (2) FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not prop... Read more
- EPSS Score: %0.18
- Published: Mar. 26, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-7273
GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.... Read more
Affected Products : gnome_display_manager- EPSS Score: %0.07
- Published: Apr. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4506
Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta settings" permission to inject arbitrary web script or HTML ... Read more
Affected Products : custom_meta- EPSS Score: %0.23
- Published: Jun. 20, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-6181
EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges.... Read more
Affected Products : watch4net- EPSS Score: %0.14
- Published: Dec. 28, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2012-6646
F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.... Read more
- EPSS Score: %0.05
- Published: Apr. 18, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-1933
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX001 and 7.6.0 before 7.6.0.1 IFIX001 for SmartCloud Control Desk; and Maximo Asset Managemen... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +3 more products- EPSS Score: %0.08
- Published: Oct. 04, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4757
The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary mailbox by invoking the Search function.... Read more
Affected Products : content_collector- EPSS Score: %0.05
- Published: Aug. 12, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-1604
The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.... Read more
- EPSS Score: %0.07
- Published: Jan. 28, 2014
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-4974
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory v... Read more
Affected Products : personal_firewall_ndis_filter- EPSS Score: %0.06
- Published: Nov. 04, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-0085
JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source ... Read more
- EPSS Score: %0.14
- Published: Apr. 17, 2014
- Modified: Apr. 12, 2025