Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-1863

    Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.19
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-1276

    XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked,... Read more

    Affected Products : solaris opensolaris gnome
    • EPSS Score: %0.07
    • Published: Apr. 09, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-0118

    helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users.... Read more

    Affected Products : helvis
    • EPSS Score: %0.05
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1333

    Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.... Read more

    Affected Products : linux_kernel linux fedora_core
    • EPSS Score: %0.23
    • Published: Dec. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2973

    The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.29
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2992

    arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945.... Read more

    Affected Products : arc
    • EPSS Score: %0.07
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3272

    The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to... Read more

    • EPSS Score: %0.06
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-2382

    win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Informatio... Read more

    • EPSS Score: %1.93
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1377

    The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3053

    The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.10
    • Published: Sep. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0755

    The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.... Read more

    Affected Products : ruby
    • EPSS Score: %0.06
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1438

    The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.... Read more

    Affected Products : subversion
    • EPSS Score: %0.25
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1998

    OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.... Read more

    Affected Products : openttd
    • EPSS Score: %0.19
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0095

    dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.13
    • Published: Jan. 06, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0706

    Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.07
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0120

    helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program.... Read more

    Affected Products : helvis
    • EPSS Score: %0.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0142

    Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content tha... Read more

    Affected Products : firefox thunderbird mozilla
    • EPSS Score: %0.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0233

    Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.... Read more

    Affected Products : propack slackware_linux utempter
    • EPSS Score: %0.21
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0211

    The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.... Read more

    • EPSS Score: %1.38
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-3100

    usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang)... Read more

    Affected Products : enterprise_linux open_iscsi
    • EPSS Score: %0.05
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292118 Results