Latest CVE Feed
-
1.9
LOWCVE-2007-4272
Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations"... Read more
Affected Products : db2_universal_database- EPSS Score: %0.06
- Published: Aug. 18, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2014-1446
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability f... Read more
Affected Products : linux_kernel- EPSS Score: %0.20
- Published: Jan. 18, 2014
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2015-7829
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer direct... Read more
- EPSS Score: %0.40
- Published: Oct. 15, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2024-42155
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling ... Read more
Affected Products : linux_kernel- Published: Jul. 30, 2024
- Modified: Nov. 21, 2024
-
1.9
LOWCVE-2007-4751
RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files.... Read more
Affected Products : remotedocs_r-viewer- EPSS Score: %0.07
- Published: Sep. 18, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2014-2893
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.... Read more
- EPSS Score: %0.08
- Published: Apr. 23, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2014-1352
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors.... Read more
Affected Products : iphone_os- EPSS Score: %0.07
- Published: Jul. 01, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2007-5143
F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boun... Read more
- EPSS Score: %0.07
- Published: Oct. 01, 2007
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2013-4481
Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."... Read more
- EPSS Score: %0.03
- Published: Nov. 23, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2012-3729
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that ... Read more
Affected Products : iphone_os- EPSS Score: %0.07
- Published: Sep. 20, 2012
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2014-0058
The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.... Read more
Affected Products : jboss_enterprise_application_platform- EPSS Score: %0.06
- Published: Feb. 26, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-7336
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirt... Read more
- EPSS Score: %0.07
- Published: May. 07, 2014
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-5187
The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitiv... Read more
- EPSS Score: %0.13
- Published: Oct. 24, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2008-0049
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applicat... Read more
- EPSS Score: %0.19
- Published: Mar. 18, 2008
- Modified: Apr. 09, 2025
-
1.9
LOWCVE-2012-4693
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file.... Read more
- EPSS Score: %0.08
- Published: Dec. 18, 2012
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2016-0436
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-... Read more
Affected Products : retail_applications- EPSS Score: %0.28
- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2014-6195
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on... Read more
- EPSS Score: %0.04
- Published: Feb. 14, 2015
- Modified: Apr. 12, 2025
-
1.9
LOWCVE-2013-3287
EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.... Read more
- EPSS Score: %0.06
- Published: Nov. 02, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2013-4025
IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it... Read more
- EPSS Score: %0.08
- Published: Sep. 25, 2013
- Modified: Apr. 11, 2025
-
1.9
LOWCVE-2009-5084
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive inf... Read more
Affected Products : tivoli_federated_identity_manager- EPSS Score: %0.05
- Published: Aug. 12, 2011
- Modified: Apr. 11, 2025