Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0666

    Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.29
    • Published: Oct. 30, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2068

    Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) no... Read more

    Affected Products : drupal fancy_slide
    • EPSS Score: %0.34
    • Published: Sep. 05, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1336

    The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux tetex-bin
    • EPSS Score: %0.06
    • Published: Dec. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1225

    Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.... Read more

    Affected Products : msql
    • EPSS Score: %0.06
    • Published: Dec. 26, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1518

    RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the v... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.61
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-1951

    IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by levera... Read more

    Affected Products : maximo_asset_management
    • EPSS Score: %0.06
    • Published: Jul. 01, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-6117

    Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file.... Read more

    • EPSS Score: %0.10
    • Published: Mar. 12, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-5429

    The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it ... Read more

    Affected Products : tivoli_federated_identity_manager
    • EPSS Score: %0.18
    • Published: Jan. 21, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-3787

    kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.... Read more

    Affected Products : personal_firewall
    • EPSS Score: %0.22
    • Published: Jul. 24, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2762

    Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials.... Read more

    Affected Products : vpnremote
    • EPSS Score: %0.07
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1500

    Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.... Read more

    • EPSS Score: %1.35
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0351

    Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.44
    • Published: Jul. 21, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-7064

    Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance popup" permission to inject arbitrary web script or HTML vi... Read more

    Affected Products : eu_cookie_compliance
    • EPSS Score: %0.20
    • Published: Apr. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-0770

    romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.... Read more

    Affected Products : debian_linux emulator
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2105

    Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.39
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-3043

    Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.... Read more

    • EPSS Score: %0.02
    • Published: Dec. 14, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2000-0139

    Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.... Read more

    Affected Products : internet_anywhere_mail_server
    • EPSS Score: %0.20
    • Published: Dec. 03, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0652

    lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IOCTL request that triggers an assertion failure. NOTE: some of these details are obtained from third part... Read more

    Affected Products : look_\'n\'_stop_firewall
    • EPSS Score: %0.23
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1378

    fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.... Read more

    Affected Products : fetchmail
    • EPSS Score: %0.05
    • Published: Sep. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0078

    in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.... Read more

    Affected Products : cluster
    • EPSS Score: %0.10
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291722 Results