Latest CVE Feed
-
2.1
LOWCVE-2000-0311
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.... Read more
Affected Products : windows_2000- EPSS Score: %0.65
- Published: Apr. 20, 2000
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2010-1487
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.... Read more
- EPSS Score: %0.06
- Published: Apr. 20, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2003-1174
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.... Read more
Affected Products : shoutcast_server- EPSS Score: %0.46
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2012-1657
Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the class name.... Read more
- EPSS Score: %0.26
- Published: Sep. 18, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2014-6147
IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors.... Read more
Affected Products : flex_system_manager- EPSS Score: %0.13
- Published: Feb. 19, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2006-5724
Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key.... Read more
Affected Products : icq- EPSS Score: %0.17
- Published: Nov. 04, 2006
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2014-0647
The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which allows attackers to discover usernames, passwords, and e-m... Read more
- EPSS Score: %0.08
- Published: Jan. 28, 2014
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2011-0797
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more
Affected Products : e-business_suite- EPSS Score: %0.17
- Published: Apr. 20, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2012-1660
Multiple cross-site scripting (XSS) vulnerabilities in components/select.inc in the Webform module 6.x-3.x before 6.x-3.17 and 7.x-3.x before 7.x-3.17 for Drupal, when the "Select (or other)" module is enabled, allow remote authenticated users with the cr... Read more
- EPSS Score: %0.46
- Published: Sep. 18, 2012
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0838
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.... Read more
Affected Products : jumpdrive_secure- EPSS Score: %0.04
- Published: Sep. 13, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-4344
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.... Read more
Affected Products : coldfusion- EPSS Score: %0.02
- Published: Dec. 19, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1682
JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remote authenticated users to read other users' e-mail messa... Read more
Affected Products : solstice_internet_mail_server- EPSS Score: %0.13
- Published: May. 20, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-4789
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the i... Read more
Affected Products : suse_linux- EPSS Score: %0.06
- Published: Dec. 31, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2016-3002
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device.... Read more
Affected Products : connections- EPSS Score: %0.06
- Published: Nov. 30, 2016
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-0265
The redirect_stderr function in xnbd_common.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log.... Read more
Affected Products : xnbd- EPSS Score: %0.07
- Published: Feb. 13, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0320
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.... Read more
Affected Products : nshield- EPSS Score: %0.07
- Published: Nov. 23, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2015-3949
Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover cleartext passwords by reading the HTML source code of the mail-configuration page.... Read more
- EPSS Score: %0.06
- Published: Jun. 13, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2002-2165
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.... Read more
Affected Products : imho_webmail- EPSS Score: %0.38
- Published: Dec. 31, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2008-1970
muCommander before 0.8.2 stores credentials.xml with insecure permissions, which allows local users to obtain credentials.... Read more
Affected Products : mucommander- EPSS Score: %0.05
- Published: Apr. 27, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2008-3902
HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this bu... Read more
Affected Products : 68dtt- EPSS Score: %0.11
- Published: Sep. 03, 2008
- Modified: Apr. 09, 2025