Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1335

    Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.19
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1765

    syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: May. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1333

    Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.23
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-6160

    IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveragin... Read more

    • EPSS Score: %0.11
    • Published: Dec. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1377

    The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1395

    Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via imm... Read more

    Affected Products : internet_message
    • EPSS Score: %0.08
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2669

    The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 27, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-5186

    Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned int... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1410

    The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a de... Read more

    Affected Products : postgresql secure_linux
    • EPSS Score: %0.10
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2800

    Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.16
    • Published: Sep. 06, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0095

    dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.13
    • Published: Jan. 06, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0334

    xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file.... Read more

    Affected Products : xtell
    • EPSS Score: %0.09
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0118

    helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users.... Read more

    Affected Products : helvis
    • EPSS Score: %0.05
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3639

    The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomp... Read more

    Affected Products : dbus opensuse d-bus
    • EPSS Score: %0.09
    • Published: Sep. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-5483

    tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading admi... Read more

    Affected Products : keystone
    • EPSS Score: %0.11
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1586

    mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.... Read more

    Affected Products : cifs-utils
    • EPSS Score: %0.51
    • Published: Aug. 27, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0976

    Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.... Read more

    Affected Products : perl
    • EPSS Score: %0.08
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0199

    The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading... Read more

    Affected Products : rhevm-reports
    • EPSS Score: %0.06
    • Published: May. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-1886

    win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference,... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.36
    • Published: Jul. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-4145

    nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to ... Read more

    Affected Products : networkmanager
    • EPSS Score: %0.06
    • Published: Dec. 23, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 291887 Results