Latest CVE Feed
-
2.1
LOWCVE-2005-2032
Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.... Read more
- EPSS Score: %0.06
- Published: Jun. 16, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1765
syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: May. 31, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2006-1056
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one... Read more
- EPSS Score: %0.08
- Published: Apr. 20, 2006
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-2436
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.... Read more
- EPSS Score: %0.08
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2015-4981
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.... Read more
- EPSS Score: %0.06
- Published: Oct. 26, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2003-0875
Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.... Read more
Affected Products : openslp- EPSS Score: %0.24
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2011-1886
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference,... Read more
Affected Products : windows_xp- EPSS Score: %0.36
- Published: Jul. 13, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2024-9101
A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin (version 1.2.1 through the latest version, 1.2.6.7) allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is un... Read more
Affected Products :- Published: Dec. 19, 2024
- Modified: Dec. 19, 2024
-
2.1
LOWCVE-2005-0596
PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.... Read more
Affected Products : php- EPSS Score: %0.07
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2013-4229
Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users with permissions to add pages to inject arbitrary web script or HTML via a title in the page settings.... Read more
- EPSS Score: %0.25
- Published: Aug. 21, 2013
- Modified: Aug. 27, 2025
-
2.1
LOWCVE-2009-4080
Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple ser... Read more
- EPSS Score: %0.06
- Published: Nov. 29, 2009
- Modified: Apr. 09, 2025
-
2.1
LOWCVE-2024-53699
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more
- Published: Mar. 07, 2025
- Modified: Mar. 07, 2025
- Vuln Type: Memory Corruption
-
2.1
LOWCVE-2024-53698
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in... Read more
- Published: Mar. 07, 2025
- Modified: Mar. 07, 2025
- Vuln Type: Memory Corruption
-
2.1
LOWCVE-2011-1307
The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than ... Read more
Affected Products : websphere_application_server- EPSS Score: %0.05
- Published: Mar. 08, 2011
- Modified: Apr. 11, 2025
-
2.1
LOWCVE-2024-53697
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more
- Published: Mar. 07, 2025
- Modified: Mar. 07, 2025
- Vuln Type: Memory Corruption
-
2.1
LOWCVE-2024-38638
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5... Read more
- Published: Mar. 07, 2025
- Modified: Mar. 07, 2025
- Vuln Type: Memory Corruption
-
2.1
LOWCVE-2025-46729
julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained with Invelos's DVDProfiler software. Starting in v_20230807 and prior to v_20250511, cross-site scripting... Read more
Affected Products :- Published: May. 12, 2025
- Modified: May. 12, 2025
- Vuln Type: Cross-Site Scripting
-
2.1
LOWCVE-2025-30371
Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to circumvention of local link access protection in GeoJson endpoint. Self hosted Metabase instances that are us... Read more
Affected Products : metabase- Published: Mar. 28, 2025
- Modified: Mar. 28, 2025
- Vuln Type: Misconfiguration
-
2.1
LOWCVE-2014-5240
Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted... Read more
- EPSS Score: %0.33
- Published: Aug. 18, 2014
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2005-2097
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf ... Read more
- EPSS Score: %0.07
- Published: Aug. 16, 2005
- Modified: Apr. 03, 2025