Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2012-3457

    PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file.... Read more

    Affected Products : pnp4nagios
    • EPSS Score: %0.05
    • Published: Aug. 12, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1551

    Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1353

    The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function acce... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Apr. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-1786

    Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal company
    • EPSS Score: %0.23
    • Published: Mar. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-0040

    Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.... Read more

    Affected Products : irix
    • EPSS Score: %0.06
    • Published: Mar. 28, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3024

    libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.... Read more

    Affected Products : clamav clamav
    • EPSS Score: %0.06
    • Published: Jun. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-0751

    A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.07
    • Published: May. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-1762

    The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1503

    The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-2047

    The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.06
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-1448

    The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function.... Read more

    • EPSS Score: %1.35
    • Published: Mar. 16, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-2097

    xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf ... Read more

    Affected Products : xpdf kpdf
    • EPSS Score: %0.07
    • Published: Aug. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-0993

    Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.... Read more

    • EPSS Score: %0.07
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-1972

    Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.... Read more

    Affected Products : database_server
    • EPSS Score: %0.44
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2025-2574

    Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.... Read more

    Affected Products : xpdf
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2011-3149

    The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumptio... Read more

    Affected Products : linux-pam linux-pam
    • EPSS Score: %0.06
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-0884

    Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-08... Read more

    Affected Products : sun_products_suite
    • EPSS Score: %0.25
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-2955

    The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw... Read more

    • EPSS Score: %0.09
    • Published: Sep. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0400

    The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0342

    The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.20
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results