Latest CVE Feed
-
2.1
LOWCVE-2009-0676
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt requ... Read more
Affected Products : linux_kernel- EPSS Score: %0.17
- Published: Feb. 22, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-4346
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer de... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Dec. 22, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2015-1127
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.... Read more
Affected Products : safari- EPSS Score: %0.06
- Published: Apr. 10, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2005-0530
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.... Read more
Affected Products : linux_kernel- EPSS Score: %0.07
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2015-2157
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.... Read more
- EPSS Score: %0.27
- Published: Mar. 27, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2012-2314
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.... Read more
Affected Products : anaconda- EPSS Score: %0.08
- Published: Jul. 03, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2012-6119
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.... Read more
- EPSS Score: %0.05
- Published: Apr. 02, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-3054
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories wh... Read more
Affected Products : php- EPSS Score: %0.57
- Published: Sep. 26, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2008-3894
IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated w... Read more
Affected Products : lenovo_7cetb5ww- EPSS Score: %0.06
- Published: Sep. 03, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2025-32698
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.... Read more
Affected Products : mediawiki- Published: Apr. 10, 2025
- Modified: Apr. 11, 2025
- Vuln Type: Information Disclosure
-
2.1
LOWCVE-2005-2851
smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files.... Read more
Affected Products : smb4k- EPSS Score: %0.08
- Published: Sep. 08, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1041
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.... Read more
Affected Products : linux_kernel- EPSS Score: %0.07
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1152
popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions.... Read more
- EPSS Score: %0.07
- Published: May. 25, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2011-1943
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a... Read more
- EPSS Score: %0.04
- Published: Jun. 14, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-2294
Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card ... Read more
Affected Products : forms- EPSS Score: %0.28
- Published: Jul. 18, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-2292
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.... Read more
Affected Products : jdeveloper- EPSS Score: %0.33
- Published: Jul. 18, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-1190
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated ... Read more
- EPSS Score: %0.08
- Published: Jan. 10, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-2302
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion... Read more
Affected Products : powerdns- EPSS Score: %0.01
- Published: Jul. 19, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2009-0675
The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the dr... Read more
Affected Products : linux_kernel- EPSS Score: %0.08
- Published: Feb. 22, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2007-6249
etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by readi... Read more
- EPSS Score: %0.07
- Published: Dec. 15, 2007
- Modified: Apr. 09, 2025