Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-1526

    Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB... Read more

    Affected Products : x11r6
    • EPSS Score: %0.44
    • Published: May. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-1771

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.64
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1030

    fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.... Read more

    Affected Products : linux fcron
    • EPSS Score: %0.07
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0368

    OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer ... Read more

    Affected Products : opensc
    • EPSS Score: %0.31
    • Published: Mar. 02, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-1160

    The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.17
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-0077

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function bu... Read more

    • EPSS Score: %5.16
    • Published: Mar. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-1392

    The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.07
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-1717

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors... Read more

    • EPSS Score: %0.16
    • Published: Jun. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1658

    Cross-site scripting (XSS) vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users with the access administration pages permission to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal ed_readmore
    • EPSS Score: %0.34
    • Published: Sep. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0630

    sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.... Read more

    Affected Products : pblang
    • EPSS Score: %0.26
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0334

    BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c.... Read more

    Affected Products : bitchx
    • EPSS Score: %0.08
    • Published: May. 10, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2663

    masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.... Read more

    Affected Products : masqmail masqmail
    • EPSS Score: %0.10
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-5549

    Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 2007... Read more

    Affected Products : ios
    • EPSS Score: %0.06
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-0018

    The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : f2c_translator
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1440

    BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.10
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3121

    A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations.... Read more

    Affected Products : module-assistant
    • EPSS Score: %0.07
    • Published: Oct. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0092

    Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).... Read more

    • EPSS Score: %0.06
    • Published: Feb. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1444

    CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event S... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.10
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6127

    Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.52
    • Published: Nov. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-2100

    The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).... Read more

    • EPSS Score: %0.06
    • Published: Oct. 25, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291162 Results