Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-29383

    In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible... Read more

    Affected Products : shadow
    • EPSS Score: %0.03
    • Published: Apr. 14, 2023
    • Modified: Feb. 06, 2025

  • 3.3

    LOW
    CVE-2015-7758

    Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesi... Read more

    Affected Products : leap opensuse gummi
    • EPSS Score: %0.05
    • Published: Jan. 08, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2007-4462

    lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.... Read more

    Affected Products : po4a
    • EPSS Score: %0.07
    • Published: Aug. 21, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2016-6349

    The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.... Read more

    Affected Products : oci-register-machine
    • EPSS Score: %0.13
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2012-3581

    Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.... Read more

    Affected Products : messaging_gateway
    • EPSS Score: %0.15
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4291

    The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.... Read more

    • EPSS Score: %0.90
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2018-12218

    Unhandled exception in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potential... Read more

    Affected Products : graphics_driver
    • EPSS Score: %0.05
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-20310

    In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-3766

    A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argu... Read more

    Affected Products :
    • Published: Apr. 15, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-0988

    In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local informatio... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Dec. 15, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-3368

    bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.... Read more

    Affected Products : rt request_tracker
    • EPSS Score: %0.04
    • Published: Aug. 23, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2018-6559

    The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.08
    • Published: Oct. 26, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2016-9348

    An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more

    • EPSS Score: %0.14
    • Published: Feb. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2016-5498

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.... Read more

    Affected Products : database_server
    • EPSS Score: %0.11
    • Published: Oct. 25, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-2577

    Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: File Locking Services). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infra... Read more

    Affected Products : solaris solaris
    • EPSS Score: %0.19
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-5564

    android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.... Read more

    • EPSS Score: %0.02
    • Published: Feb. 14, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4288

    Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application... Read more

    Affected Products : wireshark sunos opensuse
    • EPSS Score: %0.97
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2016-3344

    The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 allows local users to obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosure Vulnerability."... Read more

    Affected Products : windows_10
    • EPSS Score: %0.68
    • Published: Sep. 14, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2014-2667

    Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerabil... Read more

    Affected Products : python
    • EPSS Score: %0.05
    • Published: Nov. 16, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-3469

    Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.... Read more

    • EPSS Score: %0.12
    • Published: Jul. 21, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291293 Results