Latest CVE Feed
-
2.1
LOWCVE-2010-1536
Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vector... Read more
- EPSS Score: %0.23
- Published: Apr. 26, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-1999-0862
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.... Read more
Affected Products : postgresql- EPSS Score: %0.09
- Published: Dec. 02, 1999
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2011-4922
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.... Read more
Affected Products : pidgin- EPSS Score: %0.11
- Published: Aug. 08, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-0719
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup,... Read more
Affected Products : tru64- EPSS Score: %0.09
- Published: Mar. 09, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-0757
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with exten... Read more
- EPSS Score: %0.06
- Published: May. 18, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2012-6583
Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer imagemenu" permission to inject arbitrary web script or HTML via an image file name.... Read more
- EPSS Score: %0.34
- Published: Aug. 23, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-8518
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x... Read more
- EPSS Score: %0.03
- Published: Oct. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2012-1654
Multiple cross-site scripting (XSS) vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML v... Read more
- EPSS Score: %0.39
- Published: Sep. 18, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2012-0097
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect confidentiality via unknown vectors related to ksh93 Shell.... Read more
- EPSS Score: %0.06
- Published: Jan. 18, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-8529
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors.... Read more
Affected Products : network_data_loss_prevention- EPSS Score: %0.13
- Published: Oct. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2025-32698
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.... Read more
Affected Products : mediawiki- Published: Apr. 10, 2025
- Modified: Apr. 11, 2025
- Vuln Type: Information Disclosure
-
2.1
LOWCVE-2008-3894
IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated w... Read more
Affected Products : lenovo_7cetb5ww- EPSS Score: %0.06
- Published: Sep. 03, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2012-1717
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus jdk jre sunos linux_enterprise_server +9 more products- EPSS Score: %0.16
- Published: Jun. 16, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2025-46729
julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained with Invelos's DVDProfiler software. Starting in v_20230807 and prior to v_20250511, cross-site scripting... Read more
Affected Products :- Published: May. 12, 2025
- Modified: May. 12, 2025
- Vuln Type: Cross-Site Scripting
-
2.1
LOWCVE-2024-12706
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. Thi... Read more
Affected Products :- Published: Apr. 28, 2025
- Modified: Apr. 29, 2025
- Vuln Type: Injection
-
2.1
LOWCVE-2014-6123
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading insta... Read more
- EPSS Score: %0.05
- Published: Dec. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-0999
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading... Read more
- EPSS Score: %0.06
- Published: Mar. 29, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-6102
IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT ... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +2 more products- EPSS Score: %0.12
- Published: Feb. 17, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-2111
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.... Read more
- EPSS Score: %0.14
- Published: Apr. 04, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-0170
IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows local users to obtain sensitive information by reading cached data.... Read more
Affected Products : security_siteprotector_system- EPSS Score: %0.05
- Published: May. 25, 2015
- Modified: Apr. 12, 2025