Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-1554

    /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.... Read more

    Affected Products : irix
    • EPSS Score: %0.90
    • Published: Oct. 31, 1990
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1439

    gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.... Read more

    Affected Products : gcc
    • EPSS Score: %0.12
    • Published: Jan. 02, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1314

    Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: May. 17, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1102

    lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.... Read more

    Affected Products : sunos bsd irix a_ux
    • EPSS Score: %0.12
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0377

    Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files.... Read more

    Affected Products : gaim
    • EPSS Score: %0.12
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1023

    Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, in... Read more

    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1876

    Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.82
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0893

    userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.... Read more

    Affected Products : openserver
    • EPSS Score: %0.20
    • Published: Oct. 11, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1294

    Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permiss... Read more

    Affected Products : windows_nt
    • EPSS Score: %0.64
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1682

    JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remote authenticated users to read other users' e-mail messa... Read more

    Affected Products : solstice_internet_mail_server
    • EPSS Score: %0.13
    • Published: May. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3724

    The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process sampling ticks, and gives preference to "interactive" processe... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.26
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-2039

    /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.... Read more

    Affected Products : rtos
    • EPSS Score: %0.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-4931

    HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probabl... Read more

    Affected Products : system_management_homepage
    • EPSS Score: %0.17
    • Published: Sep. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-0798

    Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.25
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0872

    Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.... Read more

    Affected Products : openserver
    • EPSS Score: %0.10
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0761

    bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive pe... Read more

    Affected Products : bzip2
    • EPSS Score: %0.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0421

    DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges.... Read more

    Affected Products : delphiturk_ftp
    • EPSS Score: %0.15
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0368

    Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.... Read more

    Affected Products : ios
    • EPSS Score: %0.10
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1667

    The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory m... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0473

    The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.... Read more

    Affected Products : rsync
    • EPSS Score: %0.10
    • Published: Apr. 07, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291728 Results