Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2014-4239

    Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao).... Read more

    Affected Products : sunos solaris sunos
    • EPSS Score: %0.58
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2009-3229

    The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory.... Read more

    Affected Products : postgresql
    • EPSS Score: %1.33
    • Published: Sep. 17, 2009
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2008-2611

    Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.... Read more

    • EPSS Score: %0.87
    • Published: Jul. 15, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2011-0418

    The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT... Read more

    Affected Products : pure-ftpd netbsd
    • EPSS Score: %14.23
    • Published: May. 24, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2010-3677

    Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %1.01
    • Published: Jan. 11, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2016-9338

    An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more

    • EPSS Score: %0.04
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 4.0

    MEDIUM
    CVE-2015-0174

    The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.27
    • Published: Apr. 27, 2015
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2014-4291

    Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4... Read more

    Affected Products : database_server
    • EPSS Score: %0.17
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2013-6737

    IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.0 does not properly restrict the content of a dump file upon encountering a 1691 hardware fault, which allows remote authenticated users to obtain sensitive customer-data fragments by ... Read more

    • EPSS Score: %0.29
    • Published: Jun. 21, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2010-4755

    The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service... Read more

    Affected Products : openssh freebsd netbsd openbsd
    • EPSS Score: %0.55
    • Published: Mar. 02, 2011
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2012-5329

    Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated users to cause a denial of service (application crash) via a long string in an APPE command.... Read more

    Affected Products : typsoft_ftp_server
    • EPSS Score: %5.92
    • Published: Oct. 08, 2012
    • Modified: Apr. 11, 2025

  • 4.0

    MEDIUM
    CVE-2019-3687

    The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab... Read more

    Affected Products : linux_enterprise_server
    • EPSS Score: %0.08
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2020-2572

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network acce... Read more

    • EPSS Score: %0.32
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2020-15703

    There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, ... Read more

    Affected Products : aptdaemon
    • EPSS Score: %0.04
    • Published: Oct. 31, 2020
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2008-5009

    Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file.... Read more

    Affected Products : sunos solstice_x.25
    • EPSS Score: %0.04
    • Published: Nov. 10, 2008
    • Modified: Apr. 09, 2025

  • 4.0

    MEDIUM
    CVE-2016-0595

    Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more

    • EPSS Score: %0.72
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2021-20286

    A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.... Read more

    Affected Products : enterprise_linux libnbd
    • EPSS Score: %0.13
    • Published: Mar. 15, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2014-4238

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.... Read more

    Affected Products : mysql
    • EPSS Score: %0.80
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 4.0

    MEDIUM
    CVE-2025-20960

    Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.... Read more

    Affected Products : android
    • Published: May. 07, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Authorization

  • 4.0

    MEDIUM
    CVE-2025-25194

    Lemmy, a link aggregator and forum for the fediverse, is vulnerable to server-side request forgery via a dependency on activitypub_federation, a framework for ActivityPub federation in Rust. This vulnerability, which is present in versions 0.6.2 and prior... Read more

    Affected Products : lemmy
    • Published: Feb. 10, 2025
    • Modified: Feb. 10, 2025
    • Vuln Type: Server-Side Request Forgery
Showing 20 of 291641 Results