Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-1229

    Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.... Read more

    Affected Products : quake_2_server
    • EPSS Score: %0.06
    • Published: Feb. 25, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2127

    Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink.... Read more

    Affected Products : integrity_protection_driver
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-0732

    The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.... Read more

    Affected Products : suse_linux geronimo
    • EPSS Score: %0.05
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-0471

    BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of serv... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.06
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0219

    Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0274

    The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name.... Read more

    Affected Products : linux_trustees
    • EPSS Score: %0.78
    • Published: Apr. 10, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0642

    Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.... Read more

    Affected Products : incredimail
    • EPSS Score: %0.12
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3696

    filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.... Read more

    Affected Products : outpost_firewall
    • EPSS Score: %0.30
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2410

    Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).... Read more

    Affected Products : samhain
    • EPSS Score: %0.07
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2365

    Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.... Read more

    Affected Products : windows_2003_server windows_xp
    • EPSS Score: %0.24
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0172

    /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).... Read more

    Affected Products : irix
    • EPSS Score: %0.22
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1449

    SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.... Read more

    Affected Products : sunos
    • EPSS Score: %0.05
    • Published: May. 19, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1520

    Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.... Read more

    Affected Products : xircom_rex_6000
    • EPSS Score: %0.15
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1527

    easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access.... Read more

    Affected Products : easynews
    • EPSS Score: %0.06
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1265

    Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.... Read more

    Affected Products : mozilla navigator
    • EPSS Score: %0.14
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-7835

    webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site... Read more

    Affected Products : moodle
    • EPSS Score: %0.18
    • Published: Nov. 24, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5204

    Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can be le... Read more

    Affected Products : invision_power_board
    • EPSS Score: %0.48
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-1346

    The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.... Read more

    Affected Products : solaris
    • EPSS Score: %0.09
    • Published: Jun. 19, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0690

    Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command.... Read more

    Affected Products : g6_ftp_server
    • EPSS Score: %0.09
    • Published: Mar. 07, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-3272

    EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack.... Read more

    Affected Products : replication_manager
    • EPSS Score: %0.06
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291779 Results