Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2014-1420 | LOW | Patched | 3.8 | 2020-09-11 | On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open f… |
| CVE-2020-12829 | LOW | Patched | 3.8 | 2020-08-31 | In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operation… |
| CVE-2020-6653 | LOW | Patched | 3.8 | 2020-08-12 | Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious ap… |
| CVE-2020-16092 | LOW | Patched | 3.8 | 2020-08-11 | In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/pr… |
| CVE-2020-3970 | LOW | Patched | 3.8 | 2020-06-25 | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x b… |
| CVE-2020-4066 | LOW | Patched | 3.8 | 2020-06-22 | In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingl… |
| CVE-2020-6752 | LOW | Patched | 3.8 | 2020-06-17 | In OMERO before 5.6.1, group owners can access members' data in other groups. |
| CVE-2020-2023 | LOW | Patched | 3.8 | 2020-06-10 | Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and… |
| CVE-2020-3951 | LOW | Patched | 3.8 | 2020-03-17 | VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue i… |
| CVE-2019-11481 | LOW | 3.8 | 2020-02-08 | Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get … | |
| CVE-2019-12068 | LOW | 3.8 | 2019-09-24 | In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_exec… | |
| CVE-2017-18398 | LOW | Patched | 3.8 | 2019-08-02 | DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331). |
| CVE-2017-18384 | LOW | Patched | 3.8 | 2019-08-02 | cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310). |
| CVE-2018-20927 | LOW | Patched | 3.8 | 2019-08-01 | cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). |
| CVE-2019-2791 | LOW | Patched | 3.8 | 2019-07-23 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and … |
| CVE-2019-3868 | LOW | Patched | 3.8 | 2019-04-24 | Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC. As a result an attacker with… |
| CVE-2011-3145 | LOW | 3.8 | 2019-04-22 | When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's cre… | |
| CVE-2019-0162 | LOW | 3.8 | 2019-04-17 | Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2018-15532 | LOW | Patched | 3.8 | 2019-03-21 | SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses. |
| CVE-2019-2553 | LOW | Patched | 3.8 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0… |
| CVE-2019-2501 | LOW | Patched | 3.8 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0… |
| CVE-2019-2504 | LOW | Patched | 3.8 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0… |
| CVE-2019-2505 | LOW | Patched | 3.8 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0… |
| CVE-2019-2506 | LOW | Patched | 3.8 | 2019-01-16 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0… |
| CVE-2018-15774 | LOW | Patched | 3.8 | 2018-12-13 | Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerabi… |