Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-4981

    IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.... Read more

    • EPSS Score: %0.06
    • Published: Oct. 26, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1190

    SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated ... Read more

    Affected Products : enterprise_linux suse_linux
    • EPSS Score: %0.08
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-8025

    driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.... Read more

    Affected Products : ubuntu_linux xscreensaver
    • EPSS Score: %0.07
    • Published: Nov. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2000-0461

    The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.... Read more

    Affected Products : freebsd netbsd
    • EPSS Score: %0.08
    • Published: May. 29, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2851

    smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files.... Read more

    Affected Products : smb4k
    • EPSS Score: %0.08
    • Published: Sep. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-2176

    GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.... Read more

    Affected Products : networkmanager
    • EPSS Score: %0.05
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-0106

    Finger redirection allows finger bombs.... Read more

    Affected Products :
    • EPSS Score: %0.17
    • Published: Mar. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-5690

    The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions... Read more

    Affected Products : solaris opensolaris
    • EPSS Score: %0.04
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-1526

    Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB... Read more

    Affected Products : x11r6
    • EPSS Score: %0.44
    • Published: May. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-2157

    The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.... Read more

    Affected Products : fedora debian_linux opensuse putty putty
    • EPSS Score: %0.27
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-3564

    Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration.... Read more

    Affected Products : sun_glassfish_enterprise_server
    • EPSS Score: %0.06
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0530

    Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-9419

    The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Dec. 26, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-0222

    The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.... Read more

    Affected Products : enterprise_linux opensuse
    • EPSS Score: %0.14
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-5875

    Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to inject arbitrary web script or HTML via crafted text.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.10
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3866

    lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master serv... Read more

    Affected Products : puppet_enterprise puppet puppet
    • EPSS Score: %0.05
    • Published: Aug. 06, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-7972

    The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allow... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Oct. 30, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-0497

    Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.... Read more

    • EPSS Score: %0.29
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-3297

    The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETM... Read more

    • EPSS Score: %0.07
    • Published: Sep. 30, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0969

    The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.... Read more

    Affected Products : ubuntu_linux linux groff
    • EPSS Score: %0.12
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291401 Results