Latest CVE Feed
-
2.1
LOWCVE-2001-0438
Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu.... Read more
Affected Products : timbuktu_mac- EPSS Score: %0.09
- Published: Jul. 02, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0706
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.... Read more
Affected Products : rumpus_ftp_server- EPSS Score: %0.88
- Published: Sep. 20, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-0110
Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.... Read more
Affected Products : miramail- EPSS Score: %0.20
- Published: Mar. 25, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0052
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.... Read more
Affected Products : db2_universal_database- EPSS Score: %1.57
- Published: Feb. 16, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1288
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling er... Read more
- EPSS Score: %0.43
- Published: Jul. 27, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and ser... Read more
- EPSS Score: %0.06
- Published: Nov. 29, 2022
- Modified: Nov. 21, 2024
-
2.1
LOWCVE-2008-4807
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details ... Read more
Affected Products : lotus_connections- EPSS Score: %0.06
- Published: Oct. 31, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2013-0324
Cross-site scripting (XSS) vulnerability in the Rendered links formatter in the Menu Reference module 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with the "Administer menus and menu items" permission to inject arbitrary web script ... Read more
- EPSS Score: %0.20
- Published: Mar. 27, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-3982
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a de... Read more
Affected Products : aix- EPSS Score: %0.07
- Published: Oct. 05, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2013-0260
Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors.... Read more
- EPSS Score: %0.06
- Published: Mar. 27, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-1578
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.... Read more
Affected Products : encase- EPSS Score: %0.07
- Published: May. 13, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-0384
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in op... Read more
- EPSS Score: %0.06
- Published: Jan. 25, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2013-4140
Cross-site scripting (XSS) vulnerability in the TinyBox (Simple Splash) module before 7.x-2.2 for Drupal allows remote authenticated users with the "administer tinybox" permission to inject arbitrary web script or HTML via unspecified vectors.... Read more
- EPSS Score: %0.35
- Published: Jul. 29, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-4142
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.... Read more
Affected Products : sourceone_email_management- EPSS Score: %0.06
- Published: Jan. 19, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2008-4540
Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.... Read more
- EPSS Score: %2.33
- Published: Oct. 13, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) S... Read more
- EPSS Score: %0.08
- Published: Dec. 10, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2014-3851
usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-readable permissions for passwd.db, which allows local users to obtain the administrator password by reading this file.... Read more
Affected Products : pyplate- EPSS Score: %0.04
- Published: Aug. 07, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-5456
Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject arbitrary web script or HTML via vectors related to the conf... Read more
Affected Products : social_stats- EPSS Score: %0.20
- Published: Aug. 25, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4757
The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary mailbox by invoking the Search function.... Read more
Affected Products : content_collector- EPSS Score: %0.05
- Published: Aug. 12, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-1650
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard filesystem operations.... Read more
Affected Products : open-xchange_server- EPSS Score: %0.20
- Published: Sep. 05, 2013
- Modified: Apr. 11, 2025