Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-0555

    The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.10
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0482

    Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: Jan. 31, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-5560

    The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.... Read more

    Affected Products : mate-settings-daemon
    • EPSS Score: %0.06
    • Published: May. 30, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-0883

    Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-08... Read more

    Affected Products : sun_products_suite
    • EPSS Score: %0.25
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-2394

    Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.... Read more

    • EPSS Score: %0.08
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0554

    Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a ... Read more

    • EPSS Score: %0.66
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-2576

    Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.... Read more

    • EPSS Score: %0.09
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-3111

    The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.... Read more

    Affected Products : backupninja
    • EPSS Score: %0.08
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2977

    The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.... Read more

    Affected Products : pam
    • EPSS Score: %0.08
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1107

    dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : portage linux
    • EPSS Score: %0.07
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0412

    Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.07
    • Published: Apr. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0524

    Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.... Read more

    Affected Products : gypsy
    • EPSS Score: %0.09
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-6109

    The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows... Read more

    • EPSS Score: %2.88
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-0756

    ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2960

    cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.... Read more

    Affected Products : debian_linux cfengine
    • EPSS Score: %0.07
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-3291

    arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issui... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6252

    The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-3435

    Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.12
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2748

    The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.10
    • Published: Oct. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-4110

    The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.14
    • Published: Jan. 27, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291275 Results