Latest CVE Feed
-
2.1
LOWCVE-1999-1348
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.... Read more
Affected Products : linux- EPSS Score: %0.08
- Published: Jun. 30, 1999
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2014-9740
Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary web script or HTML via unspecified vectors, which are no... Read more
Affected Products : rules_link- EPSS Score: %0.21
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-5488
Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp" permission to inject arbitrary web script or HTML via un... Read more
Affected Products : mailchimp- EPSS Score: %0.21
- Published: Aug. 18, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2005-3112
The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.... Read more
Affected Products : breeze- EPSS Score: %0.02
- Published: Sep. 30, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-4778
The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions.... Read more
- EPSS Score: %0.06
- Published: Dec. 31, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-1999-1102
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.... Read more
- EPSS Score: %0.12
- Published: Dec. 31, 1999
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-2134
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same i... Read more
Affected Products : netbsd- EPSS Score: %0.06
- Published: Jul. 05, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2006-0516
Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors.... Read more
Affected Products : solaris- EPSS Score: %0.06
- Published: Feb. 02, 2006
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-1822
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) quota parameter to /core/settings/ajax/setquota.php, or re... Read more
- EPSS Score: %0.18
- Published: Mar. 14, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-1999-1218
Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files.... Read more
Affected Products : amiga_unix- EPSS Score: %0.16
- Published: Feb. 18, 1993
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-4380
Cross-site scripting (XSS) vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x before 7.x-1.6, and 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer mediafront" permission to inject arbitrary web s... Read more
- EPSS Score: %0.23
- Published: May. 20, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2005-1424
StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information.... Read more
Affected Products : gotext- EPSS Score: %0.17
- Published: May. 03, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2009-1292
UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.... Read more
- EPSS Score: %0.05
- Published: Apr. 14, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2005-4344
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.... Read more
Affected Products : coldfusion- EPSS Score: %0.02
- Published: Dec. 19, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2009-4829
Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspeci... Read more
- EPSS Score: %0.34
- Published: Apr. 27, 2010
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2016-3002
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate attackers to obtain sensitive information by reading cached data on a client device.... Read more
Affected Products : connections- EPSS Score: %0.06
- Published: Nov. 30, 2016
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2008-1970
muCommander before 0.8.2 stores credentials.xml with insecure permissions, which allows local users to obtain credentials.... Read more
Affected Products : mucommander- EPSS Score: %0.05
- Published: Apr. 27, 2008
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2015-4949
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 7.1 before 7.1.2, and Tivoli Storage FlashCopy Manager 4.1 before 4.1.2 pla... Read more
- EPSS Score: %0.06
- Published: Aug. 23, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2013-0265
The redirect_stderr function in xnbd_common.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log.... Read more
Affected Products : xnbd- EPSS Score: %0.07
- Published: Feb. 13, 2013
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2004-0838
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.... Read more
Affected Products : jumpdrive_secure- EPSS Score: %0.04
- Published: Sep. 13, 2004
- Modified: Apr. 03, 2025