Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2000-0879

    LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.... Read more

    Affected Products : lpplus
    • EPSS Score: %0.06
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1173

    Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlin... Read more

    Affected Products : wordperfect
    • EPSS Score: %0.14
    • Published: Dec. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0374

    Debian GNU/Linux cfengine package is susceptible to a symlink attack.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.12
    • Published: Feb. 16, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0361

    The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.09
    • Published: Dec. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1968

    Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration ... Read more

    Affected Products : doxport_1100
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0227

    The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.17
    • Published: Mar. 23, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2180

    gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : gnats
    • EPSS Score: %0.07
    • Published: Jul. 11, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6744

    phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.... Read more

    Affected Products : phpprofiles
    • EPSS Score: %0.10
    • Published: Dec. 26, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-1671

    The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which... Read more

    Affected Products : messenger
    • EPSS Score: %0.03
    • Published: May. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2051

    The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file.... Read more

    Affected Products : modlogan
    • EPSS Score: %0.15
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4151

    The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.... Read more

    Affected Products : desktop
    • EPSS Score: %0.10
    • Published: Dec. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6656

    Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-1589

    Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Oct. 24, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1939

    FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.... Read more

    Affected Products : flashfxp
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1540

    shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.... Read more

    Affected Products : shell-lock
    • EPSS Score: %0.07
    • Published: Oct. 04, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1364

    Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.... Read more

    Affected Products : windows_nt
    • EPSS Score: %0.37
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0175

    SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.... Read more

    Affected Products : irix
    • EPSS Score: %0.10
    • Published: Feb. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1499

    named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.... Read more

    Affected Products : bind
    • EPSS Score: %0.19
    • Published: Apr. 10, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0837

    IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information suc... Read more

    Affected Products : netcool_neusecure
    • EPSS Score: %0.06
    • Published: Feb. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1774

    WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows local users to write arbitrary files on a davfs2 mounted filesystem.... Read more

    Affected Products : davfs2
    • EPSS Score: %0.05
    • Published: May. 31, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291601 Results