14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Showing 426–450 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-7336 | LOW | Patched | 1.9 | 2014-05-07 | The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which al… |
| CVE-2014-2893 | LOW | Patched | 1.9 | 2014-04-23 | The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink … |
| CVE-2011-3154 | LOW | Patched | 1.9 | 2014-04-17 | DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.… |
| CVE-2014-1515 | LOW | Patched | 1.9 | 2014-03-25 | Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Fir… |
| CVE-2014-0076 | LOW | Patched | 1.9 | 2014-03-25 | The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local u… |
| CVE-2014-0017 | LOW | Patched | 1.9 | 2014-03-14 | The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which cause… |
| CVE-2014-1281 | LOW | Patched | 1.9 | 2014-03-14 | Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive ph… |
| CVE-2011-3153 | LOW | Patched | 1.9 | 2014-03-06 | dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc. |
| CVE-2014-0890 | LOW | | 1.9 | 2014-03-06 | The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is use… |
| CVE-2014-0058 | LOW | Patched | 1.9 | 2014-02-26 | The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users… |
| CVE-2014-0018 | LOW | | 1.9 | 2014-02-14 | Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the … |
| CVE-2014-0019 | LOW | | 1.9 | 2014-02-04 | Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long s… |
| CVE-2014-1446 | LOW | Patched | 1.9 | 2014-01-18 | The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain se… |
| CVE-2010-5292 | LOW | Patched | 1.9 | 2014-01-10 | Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache i… |
| CVE-2013-4509 | LOW | Patched | 1.9 | 2013-11-23 | The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered pass… |
| CVE-2013-0223 | LOW | | 1.9 | 2013-11-23 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join… |
| CVE-2013-6384 | LOW | Patched | 1.9 | 2013-11-23 | (1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, … |
| CVE-2013-4481 | LOW | | 1.9 | 2013-11-23 | Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the fi… |
| CVE-2013-4425 | LOW | Patched | 1.9 | 2013-11-18 | The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starting up, encrypts the TLS private key file using "SuperSecretPassword" as the hardcoded password, which … |
| CVE-2013-3287 | LOW | Patched | 1.9 | 2013-11-02 | EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind passw… |
| CVE-2013-4469 | LOW | | 1.9 | 2013-11-02 | OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to ca… |
| CVE-2013-1056 | LOW | | 1.9 | 2013-10-28 | X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files. |
| CVE-2013-5187 | LOW | Patched | 1.9 | 2013-10-24 | The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a cert… |
| CVE-2013-5169 | LOW | Patched | 1.9 | 2013-10-24 | CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physical… |
| CVE-2013-4368 | LOW | Patched | 1.9 | 2013-10-17 | The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allo… |