Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1270

    Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files.... Read more

    Affected Products : pkzip
    • EPSS Score: %0.14
    • Published: Jul. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-2381

    Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.... Read more

    Affected Products : wonderware_information_server
    • EPSS Score: %0.03
    • Published: Aug. 28, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-4755

    BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with the Configuration Wizard, renders an SSL private key pas... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.08
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2321

    BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.03
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1137

    The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.08
    • Published: Oct. 01, 1993
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5204

    Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can be le... Read more

    Affected Products : invision_power_board
    • EPSS Score: %0.48
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1297

    cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.... Read more

    Affected Products : sunos
    • EPSS Score: %0.13
    • Published: Jul. 15, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0694

    Denial of service in AIX ptrace system call allows local users to crash the system.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Aug. 11, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1194

    Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows... Read more

    Affected Products : norman_sandbox_analyzer
    • EPSS Score: %0.07
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0216

    The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty fr... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Jan. 16, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3223

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.0.1 allows remote authenticated users to affect confidentiality, related to BASE.... Read more

    Affected Products : financial_services_software
    • EPSS Score: %0.22
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6150

    The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Nov. 30, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-5100

    Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate attackers to obtain the password.... Read more

    Affected Products : bi_server
    • EPSS Score: %0.08
    • Published: Sep. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2016-3888

    internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, ... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Sep. 11, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2000-0458

    The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.... Read more

    Affected Products : imp
    • EPSS Score: %0.12
    • Published: Apr. 22, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1295

    Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."... Read more

    Affected Products : enterprise_linux suse_linux
    • EPSS Score: %0.06
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1285

    Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 27, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-2466

    Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.17
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-1999-1271

    Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.... Read more

    Affected Products : dreamweaver
    • EPSS Score: %0.01
    • Published: Jun. 11, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5483

    p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.25
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 292316 Results