Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2011-2286

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote authenticated users to affect availability, related to ZFS.... Read more

    Affected Products : solaris
    • EPSS Score: %0.36
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3735

    The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amou... Read more

    Affected Products : db2
    • EPSS Score: %0.41
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6418

    The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.06
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3221

    Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the Oct... Read more

    • EPSS Score: %0.40
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-3215

    The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) logi... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-3431

    The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3146

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.17
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1698

    Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/GLD.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.26
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3094

    Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxono... Read more

    Affected Products : drupal
    • EPSS Score: %0.21
    • Published: Sep. 21, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1828

    usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.... Read more

    Affected Products : usb-creator
    • EPSS Score: %0.06
    • Published: May. 16, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3731

    Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Sep. 20, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-4327

    ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.... Read more

    Affected Products : openssh
    • EPSS Score: %0.10
    • Published: Feb. 03, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-5297

    WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic c... Read more

    Affected Products : wordpress
    • EPSS Score: %0.27
    • Published: Jan. 21, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3427

    EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files i... Read more

    • EPSS Score: %0.05
    • Published: Feb. 02, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3718

    Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.06
    • Published: Sep. 20, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4574

    Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-2531

    Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."... Read more

    Affected Products : windows_7 windows_server_2008
    • EPSS Score: %0.20
    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-0948

    DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.... Read more

    Affected Products : ubuntu_linux update-manager-core
    • EPSS Score: %0.05
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1923

    RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.... Read more

    Affected Products : helix_server helix_mobile_server
    • EPSS Score: %0.24
    • Published: Apr. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-0959

    Remote Login Service (RLS) 1.0.0 does not properly clear account information when switching users, which might allow physically proximate users to obtain login credentials.... Read more

    Affected Products : remote_login_service
    • EPSS Score: %0.07
    • Published: Nov. 24, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291672 Results