Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2014-3533

    dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.... Read more

    Affected Products : debian_linux dbus opensuse mageia
    • EPSS Score: %0.08
    • Published: Jul. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3532

    dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then e... Read more

    • EPSS Score: %0.12
    • Published: Jul. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-3201

    Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file.... Read more

    Affected Products : thermostat
    • EPSS Score: %0.05
    • Published: Jun. 08, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2003-0079

    The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.... Read more

    Affected Products : hanterm-xf
    • EPSS Score: %0.08
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3209

    The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.... Read more

    Affected Products : ldns
    • EPSS Score: %0.15
    • Published: Nov. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-2038

    The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel ... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.05
    • Published: Feb. 28, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-1267

    Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).... Read more

    Affected Products : tar
    • EPSS Score: %0.12
    • Published: Jul. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1268

    Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.... Read more

    Affected Products : unzip
    • EPSS Score: %0.34
    • Published: Jul. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1269

    Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.... Read more

    Affected Products : unzip
    • EPSS Score: %0.14
    • Published: Jul. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1400

    Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.06
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0181

    The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations... Read more

    • EPSS Score: %0.03
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2002-0568

    Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory... Read more

    Affected Products : application_server oracle8i oracle9i
    • EPSS Score: %4.80
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0979

    The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NUL... Read more

    Affected Products : opensuse lightdm_gtk\+_greeter
    • EPSS Score: %0.08
    • Published: Jan. 23, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-1739

    The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 r... Read more

    • EPSS Score: %0.11
    • Published: Jun. 23, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-0777

    drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from unin... Read more

    Affected Products : linux_kernel xen
    • EPSS Score: %0.13
    • Published: Apr. 05, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2002-0875

    Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.... Read more

    Affected Products : enterprise_linux debian_linux irix fam
    • EPSS Score: %1.07
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-0418

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than C... Read more

    Affected Products : debian_linux opensuse vm_virtualbox
    • EPSS Score: %0.07
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-1348

    Mail in Apple iOS before 7.1.2 advertises the availability of data protection for attachments but stores cleartext attachments under mobile/Library/Mail/, which makes it easier for physically proximate attackers to obtain sensitive information by mounting... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.08
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3615

    The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.... Read more

    • EPSS Score: %0.09
    • Published: Nov. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-4574

    Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291562 Results