Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-0181

    The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jun. 01, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0381

    Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.... Read more

    Affected Products : noweb
    • EPSS Score: %0.11
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1636

    The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to re... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.24
    • Published: Jun. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4064

    Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTH... Read more

    Affected Products : lotus_inotes lotus_domino
    • EPSS Score: %0.17
    • Published: Dec. 21, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-1572

    cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.... Read more

    • EPSS Score: %0.11
    • Published: Jul. 16, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-6387

    Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the description field.... Read more

    Affected Products : drupal
    • EPSS Score: %0.16
    • Published: Dec. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-0103

    WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.... Read more

    Affected Products : fedora zarafa webapp
    • EPSS Score: %0.08
    • Published: Jul. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5173

    Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Che... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.06
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-4031

    MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.26
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2110

    Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.... Read more

    Affected Products : vserver
    • EPSS Score: %0.09
    • Published: May. 01, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2071

    Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue wit... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.11
    • Published: Apr. 27, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3638

    The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.... Read more

    Affected Products : dbus opensuse d-bus
    • EPSS Score: %0.10
    • Published: Sep. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2585

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.36
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-0512

    PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migr... Read more

    Affected Products : migrationtools
    • EPSS Score: %0.07
    • Published: Feb. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3181

    The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory... Read more

    • EPSS Score: %0.15
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3137

    The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.... Read more

    Affected Products : cfengine
    • EPSS Score: %0.07
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1273

    Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.... Read more

    Affected Products : winamp
    • EPSS Score: %0.23
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0618

    Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.... Read more

    Affected Products : debian_linux suidperl
    • EPSS Score: %0.05
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-1172

    net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially se... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Jun. 22, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2003-0207

    ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.... Read more

    Affected Products : gs-common
    • EPSS Score: %0.11
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results