Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2014-7170 | LOW | 1.9 | 2014-12-17 | Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service. | |
| CVE-2014-8595 | LOW | 1.9 | 2014-11-19 | arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of… | |
| CVE-2014-6146 | LOW | 1.9 | 2014-11-08 | IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows loc… | |
| CVE-2014-3636 | LOW | Patched | 1.9 | 2014-10-25 | D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by qu… |
| CVE-2014-4448 | LOW | Patched | 1.9 | 2014-10-22 | House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive informa… |
| CVE-2014-4450 | LOW | Patched | 1.9 | 2014-10-22 | The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easi… |
| CVE-2014-5423 | LOW | Patched | 1.9 | 2014-10-19 | CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging… |
| CVE-2014-4822 | LOW | Patched | 1.9 | 2014-10-19 | IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigur… |
| CVE-2014-4447 | LOW | Patched | 1.9 | 2014-10-18 | Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs. |
| CVE-2014-6540 | LOW | Patched | 1.9 | 2014-10-15 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to af… |
| CVE-2014-4419 | LOW | Patched | 1.9 | 2014-09-18 | The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive m… |
| CVE-2014-4420 | LOW | Patched | 1.9 | 2014-09-18 | The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive m… |
| CVE-2014-4421 | LOW | Patched | 1.9 | 2014-09-18 | The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive m… |
| CVE-2014-4371 | LOW | Patched | 1.9 | 2014-09-18 | The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive m… |
| CVE-2014-4384 | LOW | Patched | 1.9 | 2014-09-18 | Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validatio… |
| CVE-2014-4386 | LOW | Patched | 1.9 | 2014-09-18 | Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access. |
| CVE-2014-5036 | LOW | Patched | 1.9 | 2014-09-05 | The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local u… |
| CVE-2014-0974 | LOW | 1.9 | 2014-08-25 | The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for … | |
| CVE-2014-0179 | LOW | Patched | 1.9 | 2014-08-03 | libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity … |
| CVE-2014-5030 | LOW | Patched | 1.9 | 2014-07-29 | CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. |
| CVE-2014-4652 | LOW | Patched | 1.9 | 2014-07-03 | Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before … |
| CVE-2014-1352 | LOW | Patched | 1.9 | 2014-07-01 | Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct b… |
| CVE-2014-3956 | LOW | Patched | 1.9 | 2014-06-04 | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows l… |
| CVE-2014-3716 | LOW | 1.9 | 2014-05-19 | Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel. | |
| CVE-2014-0135 | LOW | Patched | 1.9 | 2014-05-08 | Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and oth… |