Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-0233

    Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.... Read more

    Affected Products : propack slackware_linux utempter
    • EPSS Score: %0.21
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0211

    The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.... Read more

    • EPSS Score: %1.38
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3100

    usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang)... Read more

    Affected Products : enterprise_linux open_iscsi
    • EPSS Score: %0.05
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-0958

    Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Feb. 15, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-0372

    xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.... Read more

    Affected Products : xine
    • EPSS Score: %0.10
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0858

    Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0854

    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.... Read more

    Affected Products : wu-ftpd fileutils
    • EPSS Score: %0.23
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0881

    getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.... Read more

    Affected Products : linux slackware_linux getmail
    • EPSS Score: %0.09
    • Published: Jan. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5199

    Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server.... Read more

    Affected Products : contribute
    • EPSS Score: %0.25
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-2617

    srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.... Read more

    Affected Products : solaris net_connect_software
    • EPSS Score: %9.03
    • Published: May. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-2661

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.... Read more

    Affected Products : ubuntu_linux mysql
    • EPSS Score: %0.12
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2025-3840

    An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end... Read more

    Affected Products :
    • Published: Apr. 21, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.1

    LOW
    CVE-2024-12706

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. Thi... Read more

    Affected Products :
    • Published: Apr. 28, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 2.1

    LOW
    CVE-2009-3612

    The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive i... Read more

    • EPSS Score: %0.07
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-2691

    The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 14, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2014-8476

    The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Nov. 13, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-5373

    ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepasswor... Read more

    Affected Products : ldapscripts
    • EPSS Score: %0.07
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-2087

    The Web Services functionality in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and custom password encryption, uses weak password obfuscation,... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.04
    • Published: Aug. 13, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-1756

    SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.... Read more

    Affected Products : slim_simple_login_manager
    • EPSS Score: %0.07
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0010

    The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.24
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291222 Results