Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2008-1877

    tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges.... Read more

    Affected Products : tss
    • EPSS Score: %0.06
    • Published: Apr. 17, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1366

    QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.... Read more

    Affected Products : debian_linux qemu
    • EPSS Score: %0.09
    • Published: May. 02, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1205

    nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.18
    • Published: Jun. 07, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0464

    Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.... Read more

    Affected Products : tripwire
    • EPSS Score: %0.08
    • Published: Jan. 04, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1405

    HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.... Read more

    Affected Products : lotus_notes
    • EPSS Score: %0.08
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1353

    The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function acce... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Apr. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-0899

    AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search.... Read more

    Affected Products : os_400
    • EPSS Score: %0.09
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2586

    Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.... Read more

    Affected Products : adslfr4ii
    • EPSS Score: %0.07
    • Published: Aug. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0719

    Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup,... Read more

    Affected Products : tru64
    • EPSS Score: %0.09
    • Published: Mar. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0729

    FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-2978

    Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CV... Read more

    Affected Products : cognos_business_intelligence
    • EPSS Score: %0.26
    • Published: Aug. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-0993

    Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.... Read more

    • EPSS Score: %0.07
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3457

    PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file.... Read more

    Affected Products : pnp4nagios
    • EPSS Score: %0.05
    • Published: Aug. 12, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2016-0592

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core.... Read more

    Affected Products : debian_linux vm_virtualbox
    • EPSS Score: %0.09
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2009-1972

    Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.... Read more

    Affected Products : database_server
    • EPSS Score: %0.44
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-0181

    The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jun. 01, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-4474

    Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269.... Read more

    Affected Products : jre jdk
    • EPSS Score: %0.06
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2025-32699

    Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.... Read more

    Affected Products : mediawiki
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2047

    The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the password.... Read more

    Affected Products : owncloud owncloud_server
    • EPSS Score: %0.06
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-1536

    Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vector... Read more

    Affected Products : drupal addthis
    • EPSS Score: %0.23
    • Published: Apr. 26, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291712 Results