Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1041

    oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.... Read more

    Affected Products : database_server
    • EPSS Score: %0.29
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0458

    L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.... Read more

    Affected Products : l0phtcrack
    • EPSS Score: %0.13
    • Published: Jan. 06, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0110

    Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.... Read more

    Affected Products : miramail
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1000

    rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file.... Read more

    Affected Products : aaa_radius_server
    • EPSS Score: %0.17
    • Published: Sep. 07, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1517

    RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOT... Read more

    Affected Products : windows_2000
    • EPSS Score: %2.27
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1092

    msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.... Read more

    Affected Products : tru64
    • EPSS Score: %0.18
    • Published: Sep. 10, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0993

    sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Jul. 24, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1795

    Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI.... Read more

    Affected Products : surfnet
    • EPSS Score: %0.06
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6182

    The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.... Read more

    Affected Products : gnotebook
    • EPSS Score: %0.07
    • Published: Dec. 01, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0372

    The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.... Read more

    Affected Products : windows_2000 windows_nt backoffice
    • EPSS Score: %4.75
    • Published: Feb. 12, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0129

    efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.... Read more

    Affected Products : efax
    • EPSS Score: %0.21
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0480

    Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.... Read more

    Affected Products : midnight_commander
    • EPSS Score: %0.08
    • Published: Apr. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6013

    Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, N... Read more

    • EPSS Score: %0.08
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0483

    OpenBSD crash using nlink value in FFS and EXT2FS filesystems.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.08
    • Published: Feb. 25, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0744

    Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.... Read more

    Affected Products : imp
    • EPSS Score: %0.09
    • Published: Oct. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1387

    iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak.... Read more

    Affected Products : linux iptables
    • EPSS Score: %0.11
    • Published: Nov. 05, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0137

    Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."... Read more

    Affected Products : irix
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0837

    DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more

    Affected Products : pc-to-phone
    • EPSS Score: %0.07
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0832

    Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more

    Affected Products : database_server
    • EPSS Score: %0.24
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0890

    Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.... Read more

    Affected Products : linux sane
    • EPSS Score: %0.09
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291741 Results