Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2013-2546

    The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADM... Read more

    Affected Products : linux_kernel enterprise_mrg
    • EPSS Score: %0.07
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-2226

    The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into a... Read more

    • EPSS Score: %0.08
    • Published: Sep. 03, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-0014

    Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.05
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-0791

    The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file... Read more

    Affected Products : ncpfs
    • EPSS Score: %0.06
    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2025-32698

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.... Read more

    Affected Products : mediawiki
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2015-0077

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function bu... Read more

    • EPSS Score: %5.16
    • Published: Mar. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-1445

    The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Jan. 18, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-5449

    Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.... Read more

    Affected Products : webapp webaccess
    • EPSS Score: %0.05
    • Published: Oct. 20, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-1768

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.64
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-7972

    The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allow... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Oct. 30, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-1526

    Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB... Read more

    Affected Products : x11r6
    • EPSS Score: %0.44
    • Published: May. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-9419

    The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Dec. 26, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-4346

    The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer de... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Dec. 22, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1030

    fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.... Read more

    Affected Products : linux fcron
    • EPSS Score: %0.07
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-3298

    The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICO... Read more

    • EPSS Score: %0.07
    • Published: Sep. 30, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-2157

    The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.... Read more

    Affected Products : fedora debian_linux opensuse putty putty
    • EPSS Score: %0.27
    • Published: Mar. 27, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3737

    The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, which allows physically proximate attackers to view arbitrary stored photos by spoofing a time value.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Sep. 20, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-4341

    The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.... Read more

    Affected Products : sssd sssd
    • EPSS Score: %0.17
    • Published: Jan. 25, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-0369

    MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that... Read more

    Affected Products : mysql
    • EPSS Score: %0.12
    • Published: Jan. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1333

    Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.23
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291782 Results