Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-2509

    Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2533

    OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.... Read more

    Affected Products : openvpn
    • Published: Aug. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1453

    GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the prog... Read more

    Affected Products : glibc
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3179

    drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2554

    The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.... Read more

    Affected Products : epolicy_orchestrator_agent
    • Published: Aug. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2300

    Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.... Read more

    Affected Products : skype
    • Published: Jul. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2725

    The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.... Read more

    Affected Products : rtos
    • Published: Aug. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2294

    Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card ... Read more

    Affected Products : forms
    • Published: Jul. 18, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1420

    MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and... Read more

    Affected Products : mysql mysql
    • Published: Mar. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-1016

    The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadloc... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1038

    crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0... Read more

    Affected Products : enterprise_linux vixie_cron
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1032

    fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly... Read more

    Affected Products : linux fcron
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0996

    main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : debian_linux unixware linux cscope
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0977

    The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.... Read more

    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3356

    The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a den... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2663

    masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.... Read more

    Affected Products : masqmail masqmail
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0923

    CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.... Read more

    Affected Products : mac_os_x mac_os_x_server cups
    • Published: Jan. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3531

    fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.... Read more

    Affected Products : fuse
    • Published: Nov. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2749

    Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2752

    An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292811 Results