Latest CVE Feed
-
2.1
LOWCVE-2008-4011
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.... Read more
Affected Products : bea_product_suite- EPSS Score: %0.17
- Published: Oct. 14, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-3094
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxono... Read more
Affected Products : drupal- EPSS Score: %0.21
- Published: Sep. 21, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-1085
Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.... Read more
- EPSS Score: %0.07
- Published: Dec. 02, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-1340
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.... Read more
Affected Products : debian_linux- EPSS Score: %0.06
- Published: Jan. 26, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2009-1716
CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.... Read more
Affected Products : safari- EPSS Score: %0.10
- Published: Jun. 10, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2011-1828
usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.... Read more
Affected Products : usb-creator- EPSS Score: %0.06
- Published: May. 16, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2007-0710
The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.... Read more
- EPSS Score: %1.18
- Published: Feb. 16, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2008-1005
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.... Read more
Affected Products : safari- EPSS Score: %0.09
- Published: Mar. 19, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-1149
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a ... Read more
Affected Products : udisks- EPSS Score: %0.04
- Published: Apr. 12, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-1087
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.... Read more
- EPSS Score: %0.09
- Published: Dec. 02, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2008-4278
VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.... Read more
- EPSS Score: %0.06
- Published: Oct. 06, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2010-0854
Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing."... Read more
Affected Products : database_server- EPSS Score: %0.28
- Published: Apr. 13, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-1296
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more
Affected Products : groff- EPSS Score: %0.15
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-3735
The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amou... Read more
Affected Products : db2- EPSS Score: %0.41
- Published: Oct. 05, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2010-0750
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.... Read more
Affected Products : policykit- EPSS Score: %0.08
- Published: Apr. 06, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0602
The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic.... Read more
Affected Products : freebsd- EPSS Score: %0.06
- Published: Dec. 06, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2008-0009
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.... Read more
Affected Products : linux_kernel- EPSS Score: %1.00
- Published: Feb. 12, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2004-0462
The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.... Read more
Affected Products :- EPSS Score: %0.23
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-1108
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.... Read more
Affected Products : linux- EPSS Score: %0.07
- Published: Jan. 10, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0334
BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c.... Read more
Affected Products : bitchx- EPSS Score: %0.08
- Published: May. 10, 2003
- Modified: Apr. 03, 2025