Latest CVE Feed
-
2.1
LOWCVE-2004-1000
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.... Read more
Affected Products : lintian- EPSS Score: %0.06
- Published: Jan. 10, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2012-0813
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.... Read more
Affected Products : wicd- EPSS Score: %0.07
- Published: Jun. 29, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-3262
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in t... Read more
Affected Products : xen- EPSS Score: %0.10
- Published: Aug. 19, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-0904
Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.... Read more
Affected Products : windows_xp- EPSS Score: %1.01
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2011-2527
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.... Read more
Affected Products : qemu- EPSS Score: %0.09
- Published: Jun. 21, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0824
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.... Read more
Affected Products : mac_os_x- EPSS Score: %0.32
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-2231
High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more
Affected Products : heartbeat- EPSS Score: %0.10
- Published: Jul. 12, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0491
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.... Read more
Affected Products : enterprise_linux- EPSS Score: %0.09
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-2426
FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.... Read more
Affected Products : ftpshell_server- EPSS Score: %1.11
- Published: Aug. 03, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1725
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.... Read more
Affected Products : mac_os_x_server- EPSS Score: %0.16
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-2403
Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft and JDEdwards Suite Campus Solutions 9.0 Bundle #17 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more
Affected Products : peoplesoft_and_jdedwards_suite_campus_solutions- EPSS Score: %0.17
- Published: Jul. 13, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-5037
Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log.... Read more
Affected Products : eucalyptus- EPSS Score: %0.06
- Published: Nov. 07, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-2466
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more
Affected Products : supply_chain_products_suite- EPSS Score: %0.17
- Published: Apr. 16, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-2381
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.... Read more
Affected Products : wonderware_information_server- EPSS Score: %0.03
- Published: Aug. 28, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-1005
IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.... Read more
Affected Products : scada_web_server- EPSS Score: %0.06
- Published: Oct. 25, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2007-6150
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that... Read more
Affected Products : freebsd- EPSS Score: %0.07
- Published: Nov. 30, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2006-3457
Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow... Read more
- EPSS Score: %0.05
- Published: Aug. 05, 2006
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-4498
The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authentica... Read more
- EPSS Score: %0.20
- Published: May. 17, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2012-5538
Cross-site scripting (XSS) vulnerability in the FileField Sources module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.6 for Drupal, when the field has "Reference existing" source enabled, allows remote authenticated users to inject arbitrary web script... Read more
- EPSS Score: %0.20
- Published: Dec. 03, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2006-5482
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.... Read more
Affected Products : freebsd- EPSS Score: %0.24
- Published: Oct. 24, 2006
- Modified: Apr. 09, 2025