Latest CVE Feed
-
2.1
LOWCVE-2010-3074
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.... Read more
Affected Products : encfs- EPSS Score: %0.07
- Published: Sep. 17, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2009-2691
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Aug. 14, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2009-0518
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.... Read more
- EPSS Score: %0.05
- Published: Apr. 06, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2009-3612
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive i... Read more
- EPSS Score: %0.07
- Published: Oct. 19, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-0547
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a craft... Read more
Affected Products : samba- EPSS Score: %1.29
- Published: Feb. 04, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0136
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."... Read more
- EPSS Score: %0.07
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2009-3940
Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vecto... Read more
- EPSS Score: %0.06
- Published: Nov. 16, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-0119
Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."... Read more
- EPSS Score: %0.06
- Published: Feb. 25, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2010-1451
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, whi... Read more
- EPSS Score: %0.10
- Published: May. 07, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-1237
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.... Read more
- EPSS Score: %0.06
- Published: Apr. 14, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2008-4870
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.... Read more
- EPSS Score: %0.04
- Published: Nov. 01, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2004-1022
Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords by extracting the secret key from with... Read more
- EPSS Score: %0.04
- Published: Jan. 10, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.... Read more
Affected Products : linux- EPSS Score: %0.09
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2007-1322
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.... Read more
- EPSS Score: %0.11
- Published: May. 02, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2009-1756
SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.... Read more
Affected Products : slim_simple_login_manager- EPSS Score: %0.07
- Published: May. 22, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2011-2493
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesy... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Jun. 13, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-1162
The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command.... Read more
Affected Products : linux_kernel- EPSS Score: %0.12
- Published: Jan. 27, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2009-0682
vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of ... Read more
Affected Products : internet_security_suite- EPSS Score: %0.06
- Published: Aug. 19, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2024-9101
A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is un... Read more
Affected Products :- Published: Dec. 19, 2024
- Modified: Dec. 19, 2024
-
2.1
LOWCVE-2006-1588
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.... Read more
Affected Products : netbsd- EPSS Score: %0.08
- Published: Apr. 03, 2006
- Modified: Apr. 03, 2025