Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-2071

    Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue wit... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.11
    • Published: Apr. 27, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-3850

    The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl ... Read more

    • EPSS Score: %0.09
    • Published: Dec. 30, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3181

    The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory... Read more

    • EPSS Score: %0.15
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1636

    The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to re... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.24
    • Published: Jun. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1764

    Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Oct. 07, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3137

    The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.... Read more

    Affected Products : cfengine
    • EPSS Score: %0.07
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-4833

    fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.... Read more

    Affected Products : aix vios
    • EPSS Score: %0.05
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-7872

    The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Nov. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3638

    The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.... Read more

    Affected Products : dbus opensuse d-bus
    • EPSS Score: %0.10
    • Published: Sep. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-1856

    The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack.... Read more

    Affected Products : backup_manager
    • EPSS Score: %0.08
    • Published: Aug. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-3478

    rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line.... Read more

    Affected Products : rssh
    • EPSS Score: %0.06
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-4031

    MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.26
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-9731

    The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted file... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-5530

    The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.... Read more

    Affected Products : performance_co-pilot
    • EPSS Score: %0.14
    • Published: Nov. 29, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-2110

    Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.... Read more

    Affected Products : vserver
    • EPSS Score: %0.09
    • Published: May. 01, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2104

    sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.... Read more

    Affected Products : sysreport
    • EPSS Score: %0.07
    • Published: Oct. 07, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-4702

    The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.... Read more

    Affected Products : nagios
    • EPSS Score: %0.11
    • Published: Dec. 05, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-6501

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via vectors related to SSH.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-4176

    AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.... Read more

    Affected Products : award_bios_modular
    • EPSS Score: %0.94
    • Published: Dec. 11, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0679

    The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.... Read more

    Affected Products : cvs
    • EPSS Score: %0.38
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 291926 Results