Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2015-2877 Information Exposure vulnerability in multiple products
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack.
local
low complexity
linux redhat CWE-200
3.3
3.3
2017-02-27 CVE-2016-7553 Permission Issues vulnerability in Irssi Buf.Pl 2.13
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.
local
low complexity
irssi CWE-275
3.3
3.3
2017-02-27 CVE-2017-5928 Unspecified vulnerability in W3 High Resolution Time API
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code.
network
high complexity
w3
3.7
3.7
2017-02-24 CVE-2016-9009 Improper Input Validation vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering.
network
high complexity
ibm CWE-20
3.1
3.1
2017-02-20 CVE-2017-2357 Information Exposure vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-200
3.3
3.3
2017-02-20 CVE-2017-2351 Improper Input Validation vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-20
2.4
2.4
2017-02-20 CVE-2016-7765 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2017-02-20 CVE-2016-7714 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-200
3.3
3.3
2017-02-20 CVE-2016-7664 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2017-02-20 CVE-2016-7657 Improper Input Validation vulnerability in Apple mac OS X and Watchos
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-20
3.3
3.3