Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-3785

    Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft ... Read more

    Affected Products : pcanywhere
    • EPSS Score: %0.08
    • Published: Jul. 24, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1827

    Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3724

    The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process sampling ticks, and gives preference to "interactive" processe... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.26
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-2158

    Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) phone, or (3)... Read more

    Affected Products : drupal storm
    • EPSS Score: %0.16
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-4949

    IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 7.1 before 7.1.2, and Tivoli Storage FlashCopy Manager 4.1 before 4.1.2 pla... Read more

    • EPSS Score: %0.06
    • Published: Aug. 23, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-1999-0473

    The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.... Read more

    Affected Products : rsync
    • EPSS Score: %0.10
    • Published: Apr. 07, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1348

    Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.... Read more

    Affected Products : linux
    • EPSS Score: %0.08
    • Published: Jun. 30, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0377

    Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.... Read more

    Affected Products : gaim
    • EPSS Score: %0.12
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1554

    /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.... Read more

    Affected Products : irix
    • EPSS Score: %0.90
    • Published: Oct. 31, 1990
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0234

    NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consume... Read more

    Affected Products : netscreen_screenos
    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1617

    Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information.... Read more

    Affected Products : webcam webcam_lite
    • EPSS Score: %0.06
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0114

    vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort funct... Read more

    • EPSS Score: %0.06
    • Published: Feb. 11, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0577

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0516

    Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Feb. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0761

    bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive pe... Read more

    Affected Products : bzip2
    • EPSS Score: %0.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3620

    The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to ... Read more

    Affected Products : esx
    • EPSS Score: %0.11
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4789

    resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the i... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.06
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0421

    DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges.... Read more

    Affected Products : delphiturk_ftp
    • EPSS Score: %0.15
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0417

    Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.... Read more

    Affected Products : kerberos_5 kerberos
    • EPSS Score: %0.11
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0355

    netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.... Read more

    Affected Products : irix
    • EPSS Score: %0.16
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results