Latest CVE Feed
-
2.1
LOWCVE-2004-2136
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.... Read more
Affected Products : linux_kernel- EPSS Score: %0.07
- Published: Feb. 19, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-1958
Cross-site scripting (XSS) vulnerability in the FileField module 5.x before 5.x-2.5 and 6.x before 6.x-3.4 for Drupal allows remote authenticated users, with create or edit permissions and 'Path to File' or 'URL to File' display enabled, to inject arbitra... Read more
- EPSS Score: %0.25
- Published: Jun. 21, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2007-6744
Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified ... Read more
Affected Products : installshield- EPSS Score: %0.06
- Published: Jan. 19, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2012-6583
Cross-site scripting (XSS) vulnerability in the Imagemenu module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer imagemenu" permission to inject arbitrary web script or HTML via an image file name.... Read more
- EPSS Score: %0.34
- Published: Aug. 23, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2007-3379
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.... Read more
- EPSS Score: %0.06
- Published: Sep. 17, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2007-5790
The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information.... Read more
Affected Products : globe7- EPSS Score: %0.07
- Published: Nov. 01, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2013-1956
The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions vi... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: Apr. 24, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2009-2031
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.... Read more
Affected Products : opensolaris- EPSS Score: %0.05
- Published: Jun. 11, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2012-2075
Cross-site scripting (XSS) vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arbitrary web script or HTML via unspecified vectors.... Read more
- EPSS Score: %0.34
- Published: Aug. 14, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-2991
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.... Read more
Affected Products : ncompress- EPSS Score: %0.09
- Published: Sep. 20, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2014-3426
NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of service ("remote control" outage) by creating a /tmp/Mosaic.pid file for every possible PID.... Read more
Affected Products : ncsa_mosaic- EPSS Score: %0.05
- Published: May. 08, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2006-4537
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.... Read more
Affected Products : dec_openvms_alpha- EPSS Score: %0.07
- Published: Sep. 05, 2006
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-4175
Insyde BIOS V190 does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.... Read more
Affected Products : insyde_bios- EPSS Score: %0.13
- Published: Dec. 11, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-5440
IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation.... Read more
Affected Products : infosphere_information_server- EPSS Score: %0.05
- Published: Dec. 18, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2007-1448
The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function.... Read more
- EPSS Score: %1.35
- Published: Mar. 16, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2000-0679
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.... Read more
Affected Products : cvs- EPSS Score: %0.38
- Published: Oct. 20, 2000
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0071
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.... Read more
Affected Products : privacy_guard- EPSS Score: %0.14
- Published: Feb. 12, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2000-0866
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.... Read more
Affected Products : interbase_superserver- EPSS Score: %0.07
- Published: Nov. 14, 2000
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0207
"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions... Read more
- EPSS Score: %1.59
- Published: Nov. 03, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2006-2334
The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be... Read more
- EPSS Score: %3.43
- Published: May. 12, 2006
- Modified: Apr. 03, 2025