Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2007-3706

    The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.... Read more

    Affected Products : codeigniter
    • EPSS Score: %0.16
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-4540

    Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.... Read more

    Affected Products : windows_mobile hermes windows_mobile
    • EPSS Score: %2.33
    • Published: Oct. 13, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-1840

    The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access.... Read more

    • EPSS Score: %0.06
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3206

    Unspecified vulnerability in the Integrated Lights Out Manager CLI in Oracle Sun Products Suite SysFW 8.2.0.a for SPARC and Netra SPARC T3 and T4-based servers, and other versions and servers, allows local users to affect confidentiality via unknown vecto... Read more

    • EPSS Score: %0.41
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-5827

    iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.... Read more

    Affected Products : debian_linux iscsitarget
    • EPSS Score: %0.05
    • Published: Nov. 05, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5040

    Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey,... Read more

    Affected Products : ghost_security_suite
    • EPSS Score: %0.06
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3276

    HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vec... Read more

    Affected Products : openvms openvms
    • EPSS Score: %0.08
    • Published: Dec. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1314

    The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used screen before prompting the user for login, which might allow physically proximate users to obtain banking account numbers and balances.... Read more

    Affected Products : mobile_banking
    • EPSS Score: %0.07
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-0519

    The InputAccel Database (IADB) installation process in EMC Captiva Capture 7.0 before patch 25 and 7.1 before patch 13 places a cleartext InputAccel (IA) SQL password in a DAL log file, which allows local users to obtain sensitive information by reading a... Read more

    Affected Products : captiva_capture
    • EPSS Score: %0.07
    • Published: Feb. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-5039

    Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, ... Read more

    Affected Products : ghost_security_suite
    • EPSS Score: %0.07
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5086

    Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (... Read more

    • EPSS Score: %0.06
    • Published: Sep. 26, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-5417

    HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) S... Read more

    Affected Products : decnet_plus_for_openvms openvms
    • EPSS Score: %0.08
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3380

    Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.... Read more

    Affected Products : naxsi naxsi
    • EPSS Score: %0.17
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-4818

    dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, 6.x before 6.4.3, and 7.1.x before 7.1.2 allows local users to discover the backup/restore encryption-key password via unspecified vectors.... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.03
    • Published: Feb. 24, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-6102

    IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT ... Read more

    • EPSS Score: %0.12
    • Published: Feb. 17, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2111

    Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.... Read more

    • EPSS Score: %0.14
    • Published: Apr. 04, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2025-0883

    Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager.  The vulnerability could reveal sensitive information retained by the browser. This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80.... Read more

    Affected Products :
    • Published: Mar. 12, 2025
    • Modified: Mar. 12, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2020-14541

    Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via ... Read more

    • EPSS Score: %0.22
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024

  • 2.1

    LOW
    CVE-2006-1981

    Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Apr. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2289

    Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors.... Read more

    Affected Products : avahi
    • EPSS Score: %0.12
    • Published: May. 10, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291641 Results