Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2007-3379

    Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.... Read more

    Affected Products : enterprise_linux linux
    • EPSS Score: %0.06
    • Published: Sep. 17, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-2006

    OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.... Read more

    Affected Products : keystone
    • EPSS Score: %0.06
    • Published: May. 21, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-9585

    The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end o... Read more

    • EPSS Score: %0.04
    • Published: Jan. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4460

    CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cach... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.07
    • Published: Nov. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-5040

    Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey,... Read more

    Affected Products : ghost_security_suite
    • EPSS Score: %0.06
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2014-4357

    Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log.... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.08
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-0034

    The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS Platform before 5.3.1 logs the username and password in cleartext when an exception is thrown, which allows local ... Read more

    • EPSS Score: %0.07
    • Published: Feb. 05, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0406

    Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.... Read more

    Affected Products : samba
    • EPSS Score: %0.30
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0568

    Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes.... Read more

    Affected Products : zope
    • EPSS Score: %0.11
    • Published: Aug. 22, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1267

    Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).... Read more

    Affected Products : tar
    • EPSS Score: %0.12
    • Published: Jul. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-4910

    Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.... Read more

    Affected Products : enterprise_linux mysql
    • EPSS Score: %0.51
    • Published: Oct. 22, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2016-0605

    Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors.... Read more

    Affected Products : enterprise_linux leap mysql opensuse
    • EPSS Score: %0.69
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-2030

    keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as de... Read more

    Affected Products : compute folsom grizzly havana
    • EPSS Score: %0.04
    • Published: Dec. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-0568

    Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory... Read more

    Affected Products : application_server oracle8i oracle9i
    • EPSS Score: %4.80
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0715

    Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.09
    • Published: Oct. 30, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1109

    securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.... Read more

    Affected Products : virus_scanner
    • EPSS Score: %0.07
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0816

    Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.... Read more

    Affected Products : linux
    • EPSS Score: %0.22
    • Published: Oct. 06, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1672

    Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the cr... Read more

    Affected Products : webmin
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2105

    Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.53
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1876

    Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.82
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292522 Results