Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-0322

    The open() function in FreeBSD allows local attackers to write to arbitrary files.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.11
    • Published: Oct. 29, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1718

    The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument.... Read more

    Affected Products : integrity_protection_driver
    • EPSS Score: %0.07
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0327

    SGI syserr program allows local users to corrupt files.... Read more

    Affected Products : irix
    • EPSS Score: %0.12
    • Published: Nov. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1713

    Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files.... Read more

    • EPSS Score: %0.17
    • Published: Aug. 10, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1349

    gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.... Read more

    Affected Products : solaris solaris gzip
    • EPSS Score: %0.11
    • Published: Oct. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2172

    Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.... Read more

    Affected Products : informed_designer informed_filler
    • EPSS Score: %0.13
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2132

    Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0310

    sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.09
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2050

    Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.... Read more

    Affected Products : modlogan
    • EPSS Score: %0.15
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1977

    Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase.... Read more

    Affected Products : pgp
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0300

    oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.... Read more

    Affected Products : internet_directory
    • EPSS Score: %0.47
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1689

    sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.... Read more

    Affected Products : sudo
    • EPSS Score: %0.17
    • Published: Sep. 16, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0458

    L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.... Read more

    Affected Products : l0phtcrack
    • EPSS Score: %0.13
    • Published: Jan. 06, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0064

    The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.17
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0372

    The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.... Read more

    Affected Products : windows_2000 windows_nt backoffice
    • EPSS Score: %4.75
    • Published: Feb. 12, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0058

    Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0795

    The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.10
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1083

    The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an at... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %4.71
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1072

    Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Apr. 28, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1134

    Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception.... Read more

    Affected Products : java
    • EPSS Score: %0.14
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291531 Results