Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-0602

    The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2752

    An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.09
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0851

    The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : net-acct
    • EPSS Score: %0.07
    • Published: Sep. 08, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1108

    qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.... Read more

    Affected Products : linux
    • EPSS Score: %0.07
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0970

    The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.... Read more

    Affected Products : gzip
    • EPSS Score: %0.10
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1081

    The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.... Read more

    • EPSS Score: %0.08
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1087

    Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.... Read more

    • EPSS Score: %0.09
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2100

    The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).... Read more

    • EPSS Score: %0.06
    • Published: Oct. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2036

    iOpus Secure Email Attachments (SEA), probably 1.0, does not properly handle passwords that consist of repetitions of a substring, which allows attackers to decrypt files by entering only the substring.... Read more

    Affected Products : secure_email_attachments
    • EPSS Score: %0.09
    • Published: Apr. 26, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2025-0883

    Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager.  The vulnerability could reveal sensitive information retained by the browser. This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80.... Read more

    Affected Products :
    • Published: Mar. 12, 2025
    • Modified: Mar. 12, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2012-3214

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.83
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1166

    The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.... Read more

    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-4530

    The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.36
    • Published: Feb. 18, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1270

    The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : rootkit_hunter
    • EPSS Score: %0.08
    • Published: Apr. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-4539

    Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hyperca... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-0732

    The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.14
    • Published: Aug. 19, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0531

    The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.13
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0365

    The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : enterprise_linux kde
    • EPSS Score: %0.07
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-4463

    OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is d... Read more

    Affected Products : nova folsom grizzly havana
    • EPSS Score: %0.06
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1356

    IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.06
    • Published: Jul. 19, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292055 Results