Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-3284

    pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.... Read more

    Affected Products : openafs
    • EPSS Score: %0.06
    • Published: Aug. 12, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-6436

    The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and l... Read more

    Affected Products : libvirt
    • EPSS Score: %0.07
    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-6551

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.... Read more

    • EPSS Score: %0.16
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-0164

    openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by rea... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.04
    • Published: May. 05, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5864

    IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.10
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2024-42193

    HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. This scenario presents a possibility of man-in-the-middle (MITM) attacks and data exposure as, if exploited, this vulnerability ... Read more

    Affected Products : bigfix_platform
    • Published: Apr. 15, 2025
    • Modified: Apr. 16, 2025
    • Vuln Type: Misconfiguration

  • 2.1

    LOW
    CVE-2012-3107

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.62
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-0948

    DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.... Read more

    Affected Products : ubuntu_linux update-manager-core
    • EPSS Score: %0.05
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4574

    Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0279

    HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to requi... Read more

    • EPSS Score: %0.08
    • Published: Mar. 07, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1923

    RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.... Read more

    Affected Products : helix_server helix_mobile_server
    • EPSS Score: %0.24
    • Published: Apr. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3735

    The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amou... Read more

    Affected Products : db2
    • EPSS Score: %0.41
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5658

    rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log ... Read more

    Affected Products : openshift openshift_origin
    • EPSS Score: %0.06
    • Published: Feb. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5605

    Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1828

    usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.... Read more

    Affected Products : usb-creator
    • EPSS Score: %0.06
    • Published: May. 16, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-2286

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote authenticated users to affect availability, related to ZFS.... Read more

    Affected Products : solaris
    • EPSS Score: %0.36
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5516

    Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via... Read more

    • EPSS Score: %0.07
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2190

    The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically pro... Read more

    Affected Products : opensuse clutter
    • EPSS Score: %0.08
    • Published: Oct. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-1764

    The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.... Read more

    Affected Products : packagekit
    • EPSS Score: %0.06
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-1810

    Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a (1) category name in the summary_print_b... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.15
    • Published: May. 15, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291394 Results