Latest CVE Feed
-
1.8
LOWCVE-2023-21928
Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Ora... Read more
- EPSS Score: %0.04
- Published: Apr. 18, 2023
- Modified: Nov. 21, 2024
-
1.8
LOWCVE-2007-2999
Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers t... Read more
- EPSS Score: %1.25
- Published: Jun. 04, 2007
- Modified: Apr. 09, 2025
-
1.8
LOWCVE-2024-5532
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal... Read more
Affected Products :- Published: Oct. 28, 2024
- Modified: Oct. 29, 2024
-
1.8
LOWCVE-2025-32382
Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase (either updating a password or changing password to private key or vice versa), Metabase would not always purge older... Read more
Affected Products : metabase- Published: Apr. 10, 2025
- Modified: Apr. 11, 2025
- Vuln Type: Information Disclosure
-
1.8
LOWCVE-2014-4812
The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port.... Read more
Affected Products : security_appscan_source- EPSS Score: %0.11
- Published: Oct. 26, 2014
- Modified: Apr. 12, 2025
-
1.8
LOWCVE-2024-36119
Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the `user:register_form` tag will have their password confirmation stored in plain text in their user file. This only affects sites matchin... Read more
Affected Products : statamic- Published: May. 30, 2024
- Modified: Nov. 21, 2024
-
1.8
LOWCVE-2015-0875
The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file containing input data from the user, which allows attackers to obtain sensitive information by reading a file.... Read more
- EPSS Score: %0.09
- Published: Feb. 15, 2015
- Modified: Apr. 12, 2025
-
1.8
LOWCVE-2012-2424
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer derefer... Read more
- EPSS Score: %0.18
- Published: Apr. 25, 2012
- Modified: Apr. 11, 2025
-
1.8
LOWCVE-2013-7291
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree,"... Read more
Affected Products : memcached- EPSS Score: %0.21
- Published: Jan. 13, 2014
- Modified: Apr. 11, 2025
-
1.8
LOWCVE-2012-2425
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) v... Read more
- EPSS Score: %0.21
- Published: Apr. 25, 2012
- Modified: Apr. 11, 2025
-
1.8
LOWCVE-2013-7290
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the ... Read more
Affected Products : memcached- EPSS Score: %0.21
- Published: Jan. 13, 2014
- Modified: Apr. 11, 2025
-
1.8
LOWCVE-2016-0453
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.... Read more
- EPSS Score: %0.52
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
1.8
LOWCVE-2025-47278
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by ... Read more
Affected Products : flask- Published: May. 13, 2025
- Modified: May. 13, 2025
- Vuln Type: Cryptography
-
1.8
LOWCVE-2018-3270
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where S... Read more
- EPSS Score: %0.19
- Published: Oct. 17, 2018
- Modified: Nov. 21, 2024
-
1.8
LOWCVE-2025-0885
Incorrect Authorization vulnerability in OpenText™ GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow unauthorized access to calendar items marked private. This issue affects GroupWise versio... Read more
Affected Products :- Published: Jul. 03, 2025
- Modified: Jul. 03, 2025
- Vuln Type: Authorization
-
1.8
LOWCVE-2024-12057
User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker could retrieve the ... Read more
Affected Products :- Published: Dec. 09, 2024
- Modified: Dec. 09, 2024
-
1.8
LOWCVE-2025-23206
The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Users who use IAM OIDC custom resource provider package will download CA Thumbprin... Read more
Affected Products : aws_cloud_development_kit- Published: Jan. 17, 2025
- Modified: Jan. 17, 2025
- Vuln Type: Misconfiguration
-
1.8
LOWCVE-2013-0179
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not accou... Read more
Affected Products : memcached- EPSS Score: %1.34
- Published: Jan. 13, 2014
- Modified: Apr. 11, 2025
-
1.8
LOWCVE-2016-8284
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.... Read more
Affected Products : mysql- EPSS Score: %0.08
- Published: Oct. 25, 2016
- Modified: Apr. 12, 2025
-
1.8
LOWCVE-2015-1798
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MA... Read more
Affected Products : ntp- EPSS Score: %0.68
- Published: Apr. 08, 2015
- Modified: Apr. 12, 2025