Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0071

    gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.... Read more

    Affected Products : privacy_guard
    • EPSS Score: %0.14
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1448

    The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function.... Read more

    • EPSS Score: %1.35
    • Published: Mar. 16, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-1786

    Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal company
    • EPSS Score: %0.23
    • Published: Mar. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0119

    helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program.... Read more

    Affected Products : helvis
    • EPSS Score: %0.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-3457

    PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file.... Read more

    Affected Products : pnp4nagios
    • EPSS Score: %0.05
    • Published: Aug. 12, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0318

    useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.... Read more

    Affected Products : webadmin
    • EPSS Score: %0.13
    • Published: Jan. 28, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0309

    The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.08
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-0751

    A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.07
    • Published: May. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-2765

    The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewal... Read more

    Affected Products : windows_2003_server windows_xp
    • EPSS Score: %0.40
    • Published: Sep. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2025-2574

    Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.... Read more

    Affected Products : xpdf
    • Published: Mar. 20, 2025
    • Modified: Mar. 20, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2007-3024

    libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.... Read more

    Affected Products : clamav clamav
    • EPSS Score: %0.06
    • Published: Jun. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-1503

    The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-4474

    Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269.... Read more

    Affected Products : jre jdk
    • EPSS Score: %0.06
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-0971

    Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4... Read more

    Affected Products : atutor
    • EPSS Score: %1.07
    • Published: Mar. 16, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2097

    xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf ... Read more

    Affected Products : xpdf kpdf
    • EPSS Score: %0.07
    • Published: Aug. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-0993

    Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.... Read more

    • EPSS Score: %0.07
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-4922

    cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.... Read more

    Affected Products : pidgin
    • EPSS Score: %0.11
    • Published: Aug. 08, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2000-0866

    Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.... Read more

    Affected Products : interbase_superserver
    • EPSS Score: %0.07
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2025-32699

    Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.... Read more

    Affected Products : mediawiki
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0207

    "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions... Read more

    • EPSS Score: %1.59
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291274 Results