Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-3044

    An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather... Read more

    Affected Products : xpdf
    • EPSS Score: %0.02
    • Published: Jun. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-5164

    Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-5081

    Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.... Read more

    • EPSS Score: %0.02
    • Published: Oct. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2009-3304

    GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.... Read more

    Affected Products : gforge
    • EPSS Score: %0.03
    • Published: Dec. 04, 2009
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2010-2285

    The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.... Read more

    Affected Products : wireshark
    • EPSS Score: %0.49
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-1736

    A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be chang... Read more

    • EPSS Score: %0.04
    • Published: Mar. 16, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-0156

    Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.... Read more

    Affected Products : puppet
    • EPSS Score: %0.04
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2009-5080

    The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which mi... Read more

    Affected Products : groff
    • EPSS Score: %0.14
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2010-2794

    The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file.... Read more

    Affected Products : firefox spice-xpi
    • EPSS Score: %0.03
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-4477

    The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges.... Read more

    Affected Products : grizzly havana
    • EPSS Score: %0.06
    • Published: Nov. 02, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2014-2667

    Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerabil... Read more

    Affected Products : python
    • EPSS Score: %0.05
    • Published: Nov. 16, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2021-20263

    A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the gu... Read more

    Affected Products : qemu
    • EPSS Score: %0.14
    • Published: Mar. 09, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-33981

    drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.02
    • Published: Jun. 18, 2022
    • Modified: May. 05, 2025

  • 3.3

    LOW
    CVE-2021-26309

    Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.... Read more

    Affected Products : teamcity
    • EPSS Score: %0.00
    • Published: May. 11, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-4337

    The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.... Read more

    Affected Products : gnash
    • EPSS Score: %0.03
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2017-3590

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur... Read more

    • EPSS Score: %0.07
    • Published: Apr. 24, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2007-4129

    CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.... Read more

    Affected Products : enterprise_linux coolkey
    • EPSS Score: %0.04
    • Published: Nov. 08, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2016-0493

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via unknown vectors related to Kernel Cryptography.... Read more

    Affected Products : solaris
    • EPSS Score: %0.09
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2011-1675

    mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE ... Read more

    Affected Products : util-linux util-linux
    • EPSS Score: %0.03
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2001-0131

    htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : debian_linux http_server
    • EPSS Score: %0.13
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results