Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2013-3790

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account.... Read more

    Affected Products : database_server
    • EPSS Score: %0.38
    • Published: Jul. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-2529

    The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."... Read more

    • EPSS Score: %4.40
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2381

    win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Informatio... Read more

    • EPSS Score: %1.93
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-1004

    Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationNam... Read more

    Affected Products : foswiki
    • EPSS Score: %0.26
    • Published: Feb. 08, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-5162

    Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass the passcode-failure disabled state by leveraging certain incorrect visibility of the passcode-entry view after use of the Phone app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-0876

    Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x before 6.4.2 on Windows and OS X allows local users to c... Read more

    • EPSS Score: %0.05
    • Published: Aug. 17, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-0959

    Remote Login Service (RLS) 1.0.0 does not properly clear account information when switching users, which might allow physically proximate users to obtain login credentials.... Read more

    Affected Products : remote_login_service
    • EPSS Score: %0.07
    • Published: Nov. 24, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-0948

    DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.... Read more

    Affected Products : ubuntu_linux update-manager-core
    • EPSS Score: %0.05
    • Published: Jun. 07, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-100039

    mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third pa... Read more

    Affected Products : malwarebytes_anti-exploit
    • EPSS Score: %0.18
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1676

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR p... Read more

    • EPSS Score: %3.16
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-3745

    Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.05
    • Published: Jul. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1677

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR p... Read more

    • EPSS Score: %3.16
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-0854

    Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing."... Read more

    Affected Products : database_server
    • EPSS Score: %0.28
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-0750

    pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.... Read more

    Affected Products : policykit
    • EPSS Score: %0.08
    • Published: Apr. 06, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-1317

    iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-0530

    Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.... Read more

    Affected Products : quicktime windows
    • EPSS Score: %0.11
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-6488

    Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6... Read more

    • EPSS Score: %0.19
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1647

    Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."... Read more

    Affected Products : windows_8.1 windows_server_2012
    • EPSS Score: %0.44
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8135

    The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "vi... Read more

    Affected Products : libvirt
    • EPSS Score: %0.16
    • Published: Dec. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-1007

    Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via the back button of a web browser on an unattended worksta... Read more

    Affected Products : rt request_tracker
    • EPSS Score: %0.11
    • Published: Feb. 28, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291384 Results