Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1894

    TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log.... Read more

    Affected Products : context
    • EPSS Score: %0.08
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-9418

    The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.... Read more

    Affected Products : espace_desktop
    • EPSS Score: %0.23
    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-3012

    The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.... Read more

    Affected Products : simplecdr-x
    • EPSS Score: %0.05
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2412

    Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.... Read more

    Affected Products : winamp
    • EPSS Score: %0.13
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6744

    phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.... Read more

    Affected Products : phpprofiles
    • EPSS Score: %0.10
    • Published: Dec. 26, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5303

    Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading (1) base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and (2) plaintext... Read more

    Affected Products : safeword_remoteaccess
    • EPSS Score: %0.04
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6656

    Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0223

    Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.... Read more

    Affected Products : sunos
    • EPSS Score: %0.08
    • Published: Mar. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0275

    Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.... Read more

    Affected Products : netsuite_web_server
    • EPSS Score: %0.42
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0714

    Vulnerability in Compaq Tru64 UNIX edauth command.... Read more

    Affected Products : unix
    • EPSS Score: %0.08
    • Published: Feb. 15, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-1640

    Multiple cross-site scripting (XSS) vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when (1... Read more

    Affected Products : drupal managesite
    • EPSS Score: %0.25
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-5914

    An unspecified function in the JavaScript implementation in Apple Safari creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up ... Read more

    Affected Products : safari
    • EPSS Score: %0.23
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0171

    Denial of service in syslog by sending it a large number of superfluous messages.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.17
    • Published: Jan. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1709

    Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users.... Read more

    Affected Products : rainbow_ikey2032_usb_token
    • EPSS Score: %0.06
    • Published: Aug. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1173

    Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlin... Read more

    Affected Products : wordperfect
    • EPSS Score: %0.14
    • Published: Dec. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-0259

    Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web script or HTML via the subject parameter.... Read more

    Affected Products : drupal boxes
    • EPSS Score: %0.18
    • Published: Mar. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0052

    IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %1.57
    • Published: Feb. 16, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0633

    Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.... Read more

    Affected Products : linux linux mandrake_linux
    • EPSS Score: %0.06
    • Published: Jul. 18, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0873

    netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.... Read more

    Affected Products : aix
    • EPSS Score: %1.16
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0375

    The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.11
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291573 Results