Latest CVE Feed
-
1.5
LOWCVE-2010-3321
RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions ... Read more
Affected Products : authentication_client- EPSS Score: %0.05
- Published: Oct. 07, 2010
- Modified: Apr. 11, 2025
-
1.5
LOWCVE-2007-0409
BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password.... Read more
Affected Products : weblogic_server- EPSS Score: %0.08
- Published: Jan. 23, 2007
- Modified: Apr. 09, 2025
-
1.5
LOWCVE-2015-4811
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDKutside In PDF Export SDK, a different vul... Read more
Affected Products : fusion_middleware- EPSS Score: %0.09
- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
1.5
LOWCVE-2012-5616
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair A... Read more
- EPSS Score: %0.15
- Published: Jan. 22, 2013
- Modified: Apr. 11, 2025
-
1.4
LOWCVE-2014-2485
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services.... Read more
Affected Products : siebel_crm- EPSS Score: %0.18
- Published: Jul. 17, 2014
- Modified: Apr. 12, 2025
-
1.4
LOWCVE-2016-0618
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.... Read more
Affected Products : solaris- EPSS Score: %0.08
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
1.3
LOWCVE-2025-53374
Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organiza... Read more
Affected Products :- Published: Jul. 07, 2025
- Modified: Jul. 08, 2025
- Vuln Type: Information Disclosure
-
1.3
LOWCVE-2025-53904
The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/admin.js` contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Cross-Site Scripting
-
1.3
LOWCVE-2025-46826
insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information (name and number). However, the issue posed minimal ri... Read more
Affected Products :- Published: May. 07, 2025
- Modified: May. 08, 2025
- Vuln Type: Information Disclosure
-
1.3
LOWCVE-2011-2242
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.... Read more
Affected Products : database_server- EPSS Score: %0.30
- Published: Jul. 20, 2011
- Modified: Apr. 11, 2025
-
1.3
LOWCVE-2025-53903
The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/users.js` doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac2... Read more
Affected Products :- Published: Jul. 15, 2025
- Modified: Jul. 15, 2025
- Vuln Type: Cross-Site Scripting
-
1.3
LOWCVE-2015-5464
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.... Read more
- EPSS Score: %0.06
- Published: Jul. 22, 2015
- Modified: Apr. 12, 2025
-
1.2
LOWCVE-2007-0832
VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard when the "Enable copy and paste to and from this virtual machine" checkbox is changed, which allows local users to obtain sensitive information or conduct ce... Read more
Affected Products : workstation- EPSS Score: %0.05
- Published: Feb. 07, 2007
- Modified: Apr. 09, 2025
-
1.2
LOWCVE-2015-4823
Unspecified vulnerability in the Hyperion Installation Technology component in Oracle Hyperion 11.1.2.3 allows local users to affect confidentiality via unknown vectors related to Essbase Rapid Deploy.... Read more
Affected Products : hyperion- EPSS Score: %0.17
- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
1.2
LOWCVE-1999-0475
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.... Read more
Affected Products : procmail- EPSS Score: %0.18
- Published: Apr. 05, 1999
- Modified: Apr. 03, 2025
-
1.2
LOWCVE-2005-4660
Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted... Read more
Affected Products : ipcop- EPSS Score: %0.07
- Published: Dec. 31, 2005
- Modified: Apr. 03, 2025
-
1.2
LOWCVE-2006-4676
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.... Read more
Affected Products : rendezvous- EPSS Score: %0.44
- Published: Sep. 11, 2006
- Modified: Apr. 03, 2025
-
1.2
LOWCVE-2001-1301
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.... Read more
- EPSS Score: %0.19
- Published: Aug. 07, 2001
- Modified: Apr. 03, 2025
-
1.2
LOWCVE-2006-1167
SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.... Read more
Affected Products : propack- EPSS Score: %0.07
- Published: Feb. 06, 2007
- Modified: Apr. 09, 2025
-
1.2
LOWCVE-2000-0224
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.... Read more
Affected Products : unixware- EPSS Score: %0.25
- Published: Feb. 15, 2000
- Modified: Apr. 03, 2025