Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1302

    The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a prob... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.72
    • Published: Jul. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1437

    BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.... Read more

    • EPSS Score: %0.03
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0605

    Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords.... Read more

    Affected Products : courseinfo
    • EPSS Score: %0.13
    • Published: Jul. 10, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0531

    Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.... Read more

    Affected Products : linux openlinux openlinux_eserver
    • EPSS Score: %0.18
    • Published: Nov. 23, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0462

    ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.14
    • Published: May. 28, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1731

    The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.... Read more

    Affected Products : os_400
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0129

    Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.... Read more

    Affected Products : windows_95 windows_98 windows_nt
    • EPSS Score: %0.12
    • Published: Feb. 04, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1500

    Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.... Read more

    • EPSS Score: %1.35
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3331

    viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : mgdiff_patch_viewer
    • EPSS Score: %0.09
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0446

    Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.08
    • Published: Apr. 12, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1446

    Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the us... Read more

    Affected Products : internet_explorer
    • EPSS Score: %1.02
    • Published: Aug. 05, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-5398

    Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XM... Read more

    Affected Products : wonderware_information_server
    • EPSS Score: %0.11
    • Published: Aug. 28, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1360

    Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.24
    • Published: Feb. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1358

    Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspeci... Read more

    Affected Products : drupal bibliography
    • EPSS Score: %0.21
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0409

    vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.... Read more

    Affected Products : vim
    • EPSS Score: %0.16
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1174

    Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.... Read more

    Affected Products : shoutcast_server
    • EPSS Score: %0.46
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1276

    IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.... Read more

    Affected Products : iglooftp
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0422

    DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and passwords in the Codebank registry key, which allows local users to gain privileges.... Read more

    Affected Products : codebank
    • EPSS Score: %0.15
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0451

    Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.21
    • Published: Jan. 19, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0790

    clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.... Read more

    Affected Products : aix
    • EPSS Score: %0.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291741 Results