Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-5850

    AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5854

    The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.08
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-0838

    IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3) RPT_DBPASS fields in /etc/neusecure.conf, and in (4) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to gain privileges.... Read more

    Affected Products : netcool_neusecure
    • EPSS Score: %0.07
    • Published: Feb. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-5861

    SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5893

    SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-0133

    The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jun. 01, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0370

    The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.08
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2574

    Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action.... Read more

    Affected Products : mantisbt
    • EPSS Score: %0.42
    • Published: Aug. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-4271

    Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE:... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %0.05
    • Published: Aug. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-3429

    The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0325

    TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstra... Read more

    Affected Products : typsoft_ftp_server
    • EPSS Score: %1.17
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3431

    The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0180

    Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.09
    • Published: Mar. 23, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-2286

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote authenticated users to affect availability, related to ZFS.... Read more

    Affected Products : solaris
    • EPSS Score: %0.36
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0087

    The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.09
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0341

    WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline.... Read more

    Affected Products : wftpd
    • EPSS Score: %0.15
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3198

    Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.... Read more

    Affected Products : domain_technologie_control
    • EPSS Score: %0.07
    • Published: Mar. 21, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2008-2623

    Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : jdeveloper application_server
    • EPSS Score: %0.20
    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-0279

    HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to requi... Read more

    • EPSS Score: %0.08
    • Published: Mar. 07, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0462

    The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.... Read more

    Affected Products :
    • EPSS Score: %0.23
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291589 Results