Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-2873

    The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnera... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Sep. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-0884

    Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-08... Read more

    Affected Products : sun_products_suite
    • EPSS Score: %0.25
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2546

    The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADM... Read more

    Affected Products : linux_kernel enterprise_mrg
    • EPSS Score: %0.07
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-3100

    usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang)... Read more

    Affected Products : enterprise_linux open_iscsi
    • EPSS Score: %0.05
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-0211

    The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.... Read more

    • EPSS Score: %1.38
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0014

    Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.05
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-0233

    Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.... Read more

    Affected Products : propack slackware_linux utempter
    • EPSS Score: %0.21
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-1378

    IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.06
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-3099

    usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of se... Read more

    Affected Products : enterprise_linux
    • EPSS Score: %0.23
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5199

    Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server.... Read more

    Affected Products : contribute
    • EPSS Score: %0.25
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3123

    Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by a... Read more

    Affected Products : cryptographic_file_system
    • EPSS Score: %0.06
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1335

    Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.19
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1438

    The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.... Read more

    Affected Products : subversion
    • EPSS Score: %0.25
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-5371

    The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standar... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.04
    • Published: Jan. 23, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-4813

    The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Oct. 12, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-5066

    twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.... Read more

    • EPSS Score: %0.07
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1333

    Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.23
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1040

    kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-2617

    srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.... Read more

    Affected Products : solaris net_connect_software
    • EPSS Score: %9.03
    • Published: May. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-4256

    The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jan. 25, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291564 Results