Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-2563

    The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.... Read more

    Affected Products : php
    • EPSS Score: %0.24
    • Published: May. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-4623

    Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers... Read more

    Affected Products : rsyslog
    • EPSS Score: %0.09
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-3458

    Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.... Read more

    Affected Products : zope
    • EPSS Score: %0.10
    • Published: Jul. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-3861

    The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with... Read more

    • EPSS Score: %0.05
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2000-0615

    LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.... Read more

    Affected Products : lprng
    • EPSS Score: %0.10
    • Published: Jul. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4380

    MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.... Read more

    Affected Products : mysql
    • EPSS Score: %0.07
    • Published: Aug. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-4361

    The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.... Read more

    Affected Products : xen
    • EPSS Score: %0.11
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-6921

    Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jan. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-3619

    Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.05
    • Published: Sep. 16, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-4463

    OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is d... Read more

    Affected Products : nova folsom grizzly havana
    • EPSS Score: %0.06
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0710

    The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0685

    The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.... Read more

    Affected Products : opera_browser
    • EPSS Score: %0.07
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-7258

    The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue be... Read more

    Affected Products : ssmtp
    • EPSS Score: %0.07
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0016

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.... Read more

    Affected Products : tor tor
    • EPSS Score: %0.06
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2148

    The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on th... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Jun. 07, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4576

    GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis duri... Read more

    Affected Products : gnupg
    • EPSS Score: %0.11
    • Published: Dec. 20, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-1496

    Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.... Read more

    Affected Products : debian_linux linux sudo
    • EPSS Score: %0.09
    • Published: Jun. 08, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0156

    VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.... Read more

    Affected Products : vshell
    • EPSS Score: %0.10
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0957

    MajorCool mj_key_cache program allows local users to modify files via a symlink attack.... Read more

    Affected Products : majorcool
    • EPSS Score: %0.11
    • Published: Jun. 18, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0417

    64 bit Solaris 7 procfs allows local users to perform a denial of service.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.20
    • Published: Mar. 09, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291736 Results