Latest CVE Feed
-
1.9
LOWCVE-2015-3785
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.... Read more
- EPSS Score: %0.09
- Published: Oct. 09, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-5187
The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitiv... Read more
- EPSS Score: %0.13
- Published: Oct. 24, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2015-2580
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more
Affected Products : solaris- EPSS Score: %0.22
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2015-2534
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more
- EPSS Score: %0.60
- Published: Sep. 09, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2012-0218
Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a ... Read more
Affected Products : xen- EPSS Score: %0.07
- Published: Dec. 03, 2012
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4083
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC... Read more
- EPSS Score: %0.09
- Published: Nov. 30, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2011-3153
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.... Read more
- EPSS Score: %0.05
- Published: Mar. 06, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2009-2948
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the pa... Read more
Affected Products : samba- EPSS Score: %0.16
- Published: Oct. 07, 2009
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2009-3556
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_dele... Read more
- EPSS Score: %0.03
- Published: Jan. 27, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2007-0473
The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information (/etc/sudoers contents) by reading this file.... Read more
Affected Products : smb4k- EPSS Score: %0.06
- Published: Feb. 03, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2012-6539
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Mar. 15, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2012-6538
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADM... Read more
- EPSS Score: %0.06
- Published: Mar. 15, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4075
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a ... Read more
Affected Products : linux_kernel- EPSS Score: %0.09
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-1917
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not p... Read more
Affected Products : xen- EPSS Score: %0.07
- Published: May. 13, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4078
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FB... Read more
- EPSS Score: %0.07
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-0541
Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local us... Read more
- EPSS Score: %0.05
- Published: Apr. 24, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4074
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, a... Read more
- EPSS Score: %0.08
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2012-6549
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: Mar. 15, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-1056
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.... Read more
Affected Products : ubuntu_linux- EPSS Score: %0.05
- Published: Oct. 28, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2012-6540
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Mar. 15, 2013
- Modified: Apr. 11, 2025