Latest CVE Feed
-
1.9
LOWCVE-2013-3287
EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.... Read more
- EPSS Score: %0.06
- Published: Nov. 02, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2014-0974
The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value,... Read more
Affected Products : little_kernel_bootloader- EPSS Score: %0.06
- Published: Aug. 25, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2009-2490
Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "... Read more
Affected Products : ray_server_software- EPSS Score: %0.06
- Published: Jul. 16, 2009
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2009-1296
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are on... Read more
- EPSS Score: %0.07
- Published: Jun. 09, 2009
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2010-0106
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand ... Read more
- EPSS Score: %0.30
- Published: Feb. 19, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2008-0049
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applicat... Read more
- EPSS Score: %0.19
- Published: Mar. 18, 2008
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2007-0004
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the ser... Read more
Affected Products : enterprise_linux- EPSS Score: %0.04
- Published: Sep. 18, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2007-4972
RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey ... Read more
Affected Products : regmon- EPSS Score: %0.07
- Published: Sep. 19, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2024-42155
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling ... Read more
Affected Products : linux_kernel- Published: Jul. 30, 2024
- Modified: Nov. 21, 2024
-
1.9
LOWCVE-2015-2534
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more
- EPSS Score: %0.60
- Published: Sep. 09, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2017-10120
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with log... Read more
- EPSS Score: %0.08
- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
1.9
LOWCVE-2015-2580
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more
Affected Products : solaris- EPSS Score: %0.22
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2015-0001
The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary ... Read more
- EPSS Score: %0.55
- Published: Jan. 13, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2009-0434
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure (PMI) is enabled, allows local users to obtain ... Read more
Affected Products : websphere_application_server- EPSS Score: %0.06
- Published: Feb. 10, 2009
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2010-4079
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via... Read more
- EPSS Score: %0.08
- Published: Nov. 29, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-2803
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potent... Read more
- EPSS Score: %0.08
- Published: Sep. 08, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2010-2192
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.... Read more
Affected Products : pmount- EPSS Score: %0.03
- Published: Jun. 18, 2010
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2011-3153
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.... Read more
- EPSS Score: %0.05
- Published: Mar. 06, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2010-3431
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unin... Read more
- EPSS Score: %0.08
- Published: Jan. 24, 2011
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2009-3556
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_dele... Read more
- EPSS Score: %0.03
- Published: Jan. 27, 2010
- Modified: Apr. 11, 2025