Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-2868

    ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords.... Read more

    Affected Products : ziptorrent
    • EPSS Score: %0.13
    • Published: Sep. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0782

    KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.... Read more

    Affected Products : linux_kernel freebsd kde
    • EPSS Score: %0.11
    • Published: Nov. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0787

    The SSH authentication agent follows symlinks via a UNIX domain socket.... Read more

    Affected Products : ssh
    • EPSS Score: %0.61
    • Published: Sep. 17, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1360

    Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.24
    • Published: Feb. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4783

    kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.08
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0485

    Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.... Read more

    Affected Products : sql_server
    • EPSS Score: %1.27
    • Published: May. 30, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0129

    Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.... Read more

    Affected Products : windows_95 windows_98 windows_nt
    • EPSS Score: %0.12
    • Published: Feb. 04, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0679

    Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.... Read more

    Affected Products : irix
    • EPSS Score: %0.11
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1302

    The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a prob... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.72
    • Published: Jul. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1446

    Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the us... Read more

    Affected Products : internet_explorer
    • EPSS Score: %1.02
    • Published: Aug. 05, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0565

    SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a .. (dot dot) attack.... Read more

    Affected Products : smartftp_daemon
    • EPSS Score: %0.10
    • Published: Jun. 13, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5817

    prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.... Read more

    Affected Products : parallels_desktop
    • EPSS Score: %0.05
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-0409

    vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.... Read more

    Affected Products : vim
    • EPSS Score: %0.16
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0446

    Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.08
    • Published: Apr. 12, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-5488

    Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "administer mailchimp" permission to inject arbitrary web script or HTML via un... Read more

    Affected Products : mailchimp
    • EPSS Score: %0.21
    • Published: Aug. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2002-1827

    Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0727

    Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.... Read more

    Affected Products : database_server
    • EPSS Score: %85.76
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-1560

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0 allows remote authenticated users to affect confidentiality via vectors related to BASE, a different vulnerability than CVE... Read more

    Affected Products : financial_services_software
    • EPSS Score: %0.19
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6385

    The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.... Read more

    Affected Products : winroute_firewall
    • EPSS Score: %0.07
    • Published: Dec. 15, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6953

    The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots.... Read more

    Affected Products : mobility_manager
    • EPSS Score: %0.07
    • Published: Jan. 29, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291741 Results