Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2000-0361

    The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.09
    • Published: Dec. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3012

    The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.... Read more

    Affected Products : simplecdr-x
    • EPSS Score: %0.05
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1270

    Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.07
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-0527

    EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive i... Read more

    • EPSS Score: %0.13
    • Published: Mar. 24, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2990

    AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files.... Read more

    Affected Products : java_client
    • EPSS Score: %0.06
    • Published: Sep. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0213

    xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.... Read more

    Affected Products : irix k-ashare
    • EPSS Score: %0.10
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4352

    The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then ... Read more

    Affected Products : linux_kernel netbsd
    • EPSS Score: %0.11
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1173

    Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlin... Read more

    Affected Products : wordperfect
    • EPSS Score: %0.14
    • Published: Dec. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0620

    iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which ha... Read more

    Affected Products : calendar_server
    • EPSS Score: %0.09
    • Published: Aug. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0008

    FTPPro allows local users to read sensitive information, which is stored in plain text.... Read more

    Affected Products : ftppro
    • EPSS Score: %0.12
    • Published: Dec. 26, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0227

    The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.17
    • Published: Mar. 23, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0121

    PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.... Read more

    Affected Products : php
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0175

    SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.... Read more

    Affected Products : irix
    • EPSS Score: %0.10
    • Published: Feb. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0223

    Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.... Read more

    Affected Products : sunos
    • EPSS Score: %0.08
    • Published: Mar. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0879

    LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.... Read more

    Affected Products : lpplus
    • EPSS Score: %0.06
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0334

    The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule.... Read more

    Affected Products : spectra
    • EPSS Score: %0.10
    • Published: Apr. 24, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1786

    SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.... Read more

    Affected Products : irix
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0666

    Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.29
    • Published: Oct. 30, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2280

    syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3067

    sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.... Read more

    Affected Products : opensuse opensuse
    • EPSS Score: %0.06
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292058 Results