Latest CVE Feed
-
2.1
LOWCVE-2001-0067
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.... Read more
Affected Products : jpilot- EPSS Score: %0.10
- Published: Feb. 12, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2015-6752
Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject ar... Read more
Affected Products : search_api_autocomplete- EPSS Score: %0.14
- Published: Aug. 31, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-9568
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.... Read more
Affected Products : rabbitmq- EPSS Score: %0.13
- Published: Feb. 03, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-6847
The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file.... Read more
Affected Products : vplex_geosynchrony- EPSS Score: %0.06
- Published: Nov. 18, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-2027
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.... Read more
Affected Products : websphere_extreme_scale- EPSS Score: %0.14
- Published: Oct. 04, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4818
dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, 6.x before 6.4.3, and 7.1.x before 7.1.2 allows local users to discover the backup/restore encryption-key password via unspecified vectors.... Read more
Affected Products : tivoli_storage_manager- EPSS Score: %0.03
- Published: Feb. 24, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-5742
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.... Read more
- EPSS Score: %0.05
- Published: Oct. 16, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-6102
IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT ... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +2 more products- EPSS Score: %0.12
- Published: Feb. 17, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-4974
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory v... Read more
Affected Products : personal_firewall_ndis_filter- EPSS Score: %0.06
- Published: Nov. 04, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-0519
The InputAccel Database (IADB) installation process in EMC Captiva Capture 7.0 before patch 25 and 7.1 before patch 13 places a cleartext InputAccel (IA) SQL password in a DAL log file, which allows local users to obtain sensitive information by reading a... Read more
Affected Products : captiva_capture- EPSS Score: %0.07
- Published: Feb. 14, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-8536
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.... Read more
Affected Products : network_data_loss_prevention- EPSS Score: %0.06
- Published: Oct. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-9191
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 m... Read more
Affected Products : hart_device_type_manager- EPSS Score: %0.10
- Published: Jan. 10, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2017-2752
A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a re... Read more
Affected Products : tommy_hilfiger_th24\/7- EPSS Score: %0.11
- Published: Mar. 27, 2019
- Modified: Nov. 21, 2024
-
2.1
LOWCVE-2015-1933
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX001 and 7.6.0 before 7.6.0.1 IFIX001 for SmartCloud Control Desk; and Maximo Asset Managemen... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +3 more products- EPSS Score: %0.08
- Published: Oct. 04, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-5513
Cross-site scripting (XSS) vulnerability in the Shibboleth authentication module 6.x-4.x before 6.x-4.2 and 7.x-4.x before 7.x-4.2 for Drupal allows remote authenticated users with the "Administer blocks" permission to inject arbitrary web script or HTML ... Read more
- EPSS Score: %0.21
- Published: Aug. 18, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-6746
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 d... Read more
Affected Products : banking- EPSS Score: %0.12
- Published: Aug. 31, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-0988
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file.... Read more
Affected Products : cx-programmer- EPSS Score: %0.06
- Published: Oct. 06, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-6123
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading insta... Read more
- EPSS Score: %0.05
- Published: Dec. 29, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-6557
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before ... Read more
- EPSS Score: %0.05
- Published: Aug. 23, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2011-1742
EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file.... Read more
Affected Products : data_protection_advisor- EPSS Score: %0.08
- Published: Aug. 01, 2011
- Modified: Apr. 11, 2025