Latest CVE Feed
-
1.9
LOWCVE-2010-4077
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory vi... Read more
Affected Products : linux_kernel- EPSS Score: %0.48
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4075
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a ... Read more
Affected Products : linux_kernel- EPSS Score: %0.09
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2007-4972
RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey ... Read more
Affected Products : regmon- EPSS Score: %0.07
- Published: Sep. 19, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2007-0004
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the ser... Read more
Affected Products : enterprise_linux- EPSS Score: %0.04
- Published: Sep. 18, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2013-4025
IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it... Read more
- EPSS Score: %0.08
- Published: Sep. 25, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2014-0974
The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value,... Read more
Affected Products : little_kernel_bootloader- EPSS Score: %0.06
- Published: Aug. 25, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2015-7404
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for ... Read more
- EPSS Score: %0.03
- Published: Nov. 14, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-3287
EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.... Read more
- EPSS Score: %0.06
- Published: Nov. 02, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2014-1446
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability f... Read more
Affected Products : linux_kernel- EPSS Score: %0.20
- Published: Jan. 18, 2014
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-3876
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to ... Read more
- EPSS Score: %0.06
- Published: Jan. 03, 2011
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2015-0430
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.... Read more
- EPSS Score: %0.08
- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-0154
The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall.... Read more
Affected Products : xen- EPSS Score: %0.07
- Published: Jan. 12, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2014-3956
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-de... Read more
- EPSS Score: %0.11
- Published: Jun. 04, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2015-1114
The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app.... Read more
- EPSS Score: %0.07
- Published: Apr. 10, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2010-2192
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.... Read more
Affected Products : pmount- EPSS Score: %0.03
- Published: Jun. 18, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-0769
IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to discover a KeyRingPassword password by reading a c... Read more
Affected Products : websphere_application_server- EPSS Score: %0.05
- Published: Apr. 01, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-1446
arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel me... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: May. 21, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4076
The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGIC... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-4368
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content... Read more
Affected Products : xen- EPSS Score: %0.09
- Published: Oct. 17, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-0223
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in... Read more
- EPSS Score: %0.14
- Published: Nov. 23, 2013
- Modified: Apr. 11, 2025