Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2012-3203

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-4171

    The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).... Read more

    Affected Products : systemtap
    • EPSS Score: %0.06
    • Published: Dec. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3477

    The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.08
    • Published: Sep. 21, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-1439

    NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.08
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2058

    setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password.... Read more

    Affected Products : prewikka
    • EPSS Score: %0.05
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2512

    Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.... Read more

    Affected Products : mac_os_x mail
    • EPSS Score: %0.06
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3858

    IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772).... Read more

    Affected Products : informix_dynamic_server
    • EPSS Score: %0.07
    • Published: Aug. 08, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-6497

    clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.... Read more

    Affected Products : clamav
    • EPSS Score: %0.45
    • Published: Dec. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-0901

    Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary.... Read more

    Affected Products : database_server
    • EPSS Score: %0.17
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-1856

    Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.... Read more

    Affected Products : linux vixie_cron
    • EPSS Score: %0.05
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-1173

    IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were us... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.05
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-2894

    The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.... Read more

    Affected Products : bochs
    • EPSS Score: %0.11
    • Published: May. 30, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-0988

    Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server database_11g
    • EPSS Score: %0.64
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-5872

    Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to Name Service Cache Daemon (NSCD).... Read more

    Affected Products : sunos solaris sunos
    • EPSS Score: %0.10
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-6480

    Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.... Read more

    Affected Products : libcloud
    • EPSS Score: %0.56
    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6210

    zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.... Read more

    Affected Products : zabbix_agentd
    • EPSS Score: %0.18
    • Published: Dec. 04, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-2426

    FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.... Read more

    Affected Products : ftpshell_server
    • EPSS Score: %1.11
    • Published: Aug. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-4607

    PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.... Read more

    Affected Products : putty putty
    • EPSS Score: %0.06
    • Published: Aug. 23, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-2669

    The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 27, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-2661

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.... Read more

    Affected Products : ubuntu_linux mysql
    • EPSS Score: %0.12
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291618 Results