Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2010-1303

    Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbit... Read more

    Affected Products : drupal taxonomy_filter
    • EPSS Score: %0.16
    • Published: Apr. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-7292

    Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different v... Read more

    Affected Products : windows bugzilla
    • EPSS Score: %0.06
    • Published: Aug. 09, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-7207

    RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php.... Read more

    Affected Products : rivettracker
    • EPSS Score: %0.06
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-3570

    Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality via unknown vectors related to Calendar Server.... Read more

    Affected Products : communications_unified
    • EPSS Score: %0.07
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-0384

    Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in op... Read more

    Affected Products : tor tor
    • EPSS Score: %0.06
    • Published: Jan. 25, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-4540

    Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.... Read more

    Affected Products : windows_mobile hermes windows_mobile
    • EPSS Score: %2.33
    • Published: Oct. 13, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-1976

    Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the node title in a Breadcrumb dis... Read more

    Affected Products : drupal taxonomy_breadcrumb
    • EPSS Score: %0.25
    • Published: May. 19, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-3982

    The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a de... Read more

    Affected Products : aix
    • EPSS Score: %0.07
    • Published: Oct. 05, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-3522

    Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade based servers allows local users to affect confidentiality, related to Integrated Lights Out Manager CLI.... Read more

    • EPSS Score: %0.08
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1840

    The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access.... Read more

    • EPSS Score: %0.06
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-2314

    Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors.... Read more

    • EPSS Score: %0.07
    • Published: Jul. 05, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-1997

    Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter.... Read more

    Affected Products : saurus_cms
    • EPSS Score: %0.46
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-1844

    The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.... Read more

    Affected Products : shadow base-config
    • EPSS Score: %0.07
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2002

    Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list... Read more

    Affected Products : drupal wordfilter wordfilter
    • EPSS Score: %0.23
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-0103

    WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.... Read more

    Affected Products : fedora zarafa webapp
    • EPSS Score: %0.08
    • Published: Jul. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-1636

    The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to re... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.24
    • Published: Jun. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-7872

    The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Nov. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6102

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection ... Read more

    • EPSS Score: %3.68
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3638

    The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.... Read more

    Affected Products : dbus opensuse d-bus
    • EPSS Score: %0.10
    • Published: Sep. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3478

    rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line.... Read more

    Affected Products : rssh
    • EPSS Score: %0.06
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291335 Results