Latest CVE Feed
-
1.9
LOWCVE-2014-9415
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.... Read more
Affected Products : espace_desktop- EPSS Score: %0.11
- Published: Dec. 24, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-2168
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.... Read more
- EPSS Score: %0.09
- Published: Jul. 03, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-2635
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: Mar. 22, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2011-1019
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Mar. 01, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel... Read more
Affected Products : systemtap- EPSS Score: %0.08
- Published: Oct. 22, 2009
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2013-4259
runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.... Read more
Affected Products : ansible- EPSS Score: %0.05
- Published: Sep. 16, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.... Read more
- EPSS Score: %0.16
- Published: Aug. 19, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-2162
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users... Read more
Affected Products : ubuntu_linux- EPSS Score: %0.03
- Published: Aug. 19, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-2634
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more
Affected Products : linux_kernel- EPSS Score: %0.03
- Published: Mar. 22, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4074
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, a... Read more
- EPSS Score: %0.08
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-1056
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.... Read more
Affected Products : ubuntu_linux- EPSS Score: %0.05
- Published: Oct. 28, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4078
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FB... Read more
- EPSS Score: %0.07
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-4075
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a ... Read more
Affected Products : linux_kernel- EPSS Score: %0.09
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2007-5496
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composit... Read more
- EPSS Score: %0.07
- Published: May. 23, 2008
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2011-3154
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows lo... Read more
- EPSS Score: %0.05
- Published: Apr. 17, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2010-4077
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory vi... Read more
Affected Products : linux_kernel- EPSS Score: %0.48
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-1917
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not p... Read more
Affected Products : xen- EPSS Score: %0.07
- Published: May. 13, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-5150
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation.... Read more
Affected Products : iphone_os- EPSS Score: %0.07
- Published: Sep. 19, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2008-3230
The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.... Read more
Affected Products : lavf_demuxer- EPSS Score: %0.12
- Published: Jul. 18, 2008
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2007-0120
Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to cause a denial of service (application crash) via multiple HTTP requests containing invalid Content-Length values.... Read more
Affected Products : web_vulnerability_scanner- EPSS Score: %0.58
- Published: Jan. 09, 2007
- Modified: Apr. 09, 2025