Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-4493

    xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance of this information is unknown; the details are obtaine... Read more

    Affected Products : xbiff2
    • EPSS Score: %0.06
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3720

    The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that re... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3722

    The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1191

    The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file.... Read more

    Affected Products : del.icio.us_module
    • EPSS Score: %0.07
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5842

    The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.... Read more

    Affected Products : unicore_client
    • EPSS Score: %0.06
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5600

    Axalto Protiva 1.1, possibly only non-commercial versions, stores passwords in plaintext in files with insecure permissions, which allows local users to gain privileges by reading the passwords from (1) KeyTool\keytool.config or (2) webapps\protiva\WEB-IN... Read more

    Affected Products : protiva
    • EPSS Score: %0.06
    • Published: Oct. 28, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3675

    Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents.... Read more

    Affected Products : passwordsafe
    • EPSS Score: %0.12
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6013

    Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, N... Read more

    • EPSS Score: %0.08
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-7129

    ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.... Read more

    Affected Products : blackice_pc_protection
    • EPSS Score: %0.21
    • Published: Mar. 06, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3912

    Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact.... Read more

    Affected Products : winrar
    • EPSS Score: %1.00
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6657

    The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6674

    Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local users to obtain sensitive information.... Read more

    Affected Products : http-sms_gateway
    • EPSS Score: %0.07
    • Published: Dec. 21, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1589

    TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.... Read more

    Affected Products : linux_kernel truecrypt
    • EPSS Score: %0.06
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5851

    openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.... Read more

    Affected Products : openbase
    • EPSS Score: %0.16
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6182

    The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.... Read more

    Affected Products : gnotebook
    • EPSS Score: %0.07
    • Published: Dec. 01, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3706

    The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.... Read more

    Affected Products : codeigniter
    • EPSS Score: %0.16
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-0805

    The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.... Read more

    Affected Products : tru64
    • EPSS Score: %0.93
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-2013

    The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process.... Read more

    Affected Products : python-keystoneclient
    • EPSS Score: %0.06
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4463

    OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is d... Read more

    Affected Products : nova folsom grizzly havana
    • EPSS Score: %0.06
    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2148

    The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on th... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Jun. 07, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291608 Results