Latest CVE Feed
-
2.1
LOWCVE-2007-2617
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.... Read more
- EPSS Score: %9.03
- Published: May. 11, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2014-4352
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.... Read more
Affected Products : iphone_os- EPSS Score: %0.04
- Published: Sep. 18, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2004-1377
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more
- EPSS Score: %0.07
- Published: Dec. 27, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2014-4463
Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.... Read more
Affected Products : iphone_os- EPSS Score: %0.08
- Published: Nov. 18, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-1274
FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call.... Read more
Affected Products : iphone_os- EPSS Score: %0.06
- Published: Mar. 14, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2004-1333
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.... Read more
- EPSS Score: %0.23
- Published: Dec. 15, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-1335
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.... Read more
- EPSS Score: %0.19
- Published: Dec. 15, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2007-3099
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of se... Read more
Affected Products : enterprise_linux- EPSS Score: %0.23
- Published: Jun. 14, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2013-1069
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.... Read more
- EPSS Score: %0.05
- Published: Feb. 17, 2014
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-1738
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kern... Read more
- EPSS Score: %0.03
- Published: May. 11, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-0346
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any ... Read more
Affected Products : tomcat- EPSS Score: %0.64
- Published: Feb. 15, 2014
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-1378
IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.... Read more
- EPSS Score: %0.06
- Published: Jul. 01, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2014-1360
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.... Read more
Affected Products : iphone_os- EPSS Score: %0.08
- Published: Jul. 01, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2007-4571
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory con... Read more
Affected Products : linux_kernel- EPSS Score: %0.13
- Published: Sep. 26, 2007
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2014-4356
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.... Read more
Affected Products : iphone_os- EPSS Score: %0.08
- Published: Sep. 18, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2010-3881
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.... Read more
- EPSS Score: %0.07
- Published: Dec. 23, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2013-2546
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADM... Read more
- EPSS Score: %0.07
- Published: Mar. 15, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2005-0118
helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users.... Read more
Affected Products : helvis- EPSS Score: %0.05
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-2226
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into a... Read more
- EPSS Score: %0.08
- Published: Sep. 03, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2009-5066
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.... Read more
- EPSS Score: %0.07
- Published: Aug. 13, 2012
- Modified: Apr. 11, 2025