Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1204

    FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application crash) by calling Xman with a long -title value, possibly triggering a buffer overflow.... Read more

    Affected Products : fluxbot
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0741

    Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets.... Read more

    Affected Products : hsrp
    • EPSS Score: %1.91
    • Published: Oct. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-0216

    The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty fr... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Jan. 16, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-0712

    Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.... Read more

    • EPSS Score: %0.25
    • Published: Feb. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0852

    Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.16
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0387

    The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files.... Read more

    Affected Products : golddig
    • EPSS Score: %0.11
    • Published: May. 09, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1297

    cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.... Read more

    Affected Products : sunos
    • EPSS Score: %0.13
    • Published: Jul. 15, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1927

    Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file.... Read more

    Affected Products : aquonics_file_manager
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-6648

    gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-... Read more

    Affected Products : ubuntu_linux gdm-guest-session
    • EPSS Score: %0.06
    • Published: May. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-2242

    Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying an... Read more

    Affected Products : libvirt
    • EPSS Score: %0.08
    • Published: Aug. 19, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1110

    The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.... Read more

    Affected Products : linux mtink
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1033

    Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.... Read more

    Affected Products : linux fcron
    • EPSS Score: %0.07
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-3160

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.... Read more

    • EPSS Score: %0.15
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1319

    The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen i... Read more

    Affected Products : ubuntu_linux
    • EPSS Score: %0.06
    • Published: Sep. 17, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-2928

    The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.... Read more

    Affected Products : vcenter_server
    • EPSS Score: %0.06
    • Published: Feb. 16, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2024-50349

    Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential h... Read more

    Affected Products : git
    • Published: Jan. 14, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2009-4269

    The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for... Read more

    Affected Products : derby
    • EPSS Score: %0.78
    • Published: Aug. 16, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-5173

    The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0396

    Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."... Read more

    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3637

    D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.... Read more

    Affected Products : dbus opensuse
    • EPSS Score: %0.07
    • Published: Sep. 22, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291737 Results