Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2011-2495

    fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's passwo... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.12
    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-0146

    IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which al... Read more

    Affected Products : content_collector
    • EPSS Score: %0.05
    • Published: Mar. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1345

    The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.... Read more

    Affected Products : opensuse grep
    • EPSS Score: %0.09
    • Published: Feb. 12, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-2141

    The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgk... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Jun. 07, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-4901

    The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improp... Read more

    Affected Products : pcsc-lite
    • EPSS Score: %0.07
    • Published: Jun. 18, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-0181

    The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations... Read more

    • EPSS Score: %0.03
    • Published: Apr. 27, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-1769

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %11.08
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1044

    The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors tha... Read more

    • EPSS Score: %0.06
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1080

    The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memor... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0711

    The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V... Read more

    • EPSS Score: %0.06
    • Published: Mar. 01, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-4529

    Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockop... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3108

    mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.07
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1052

    The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.05
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3257

    The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a differ... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-0369

    MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that... Read more

    Affected Products : mysql
    • EPSS Score: %0.12
    • Published: Jan. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1857

    Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.... Read more

    Affected Products : web_jetadmin
    • EPSS Score: %78.04
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-3554

    Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensit... Read more

    • EPSS Score: %0.06
    • Published: Dec. 15, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-1412

    nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.23
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2658

    Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typicall... Read more

    Affected Products : unixodbc
    • EPSS Score: %0.08
    • Published: Aug. 31, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-3285

    The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.... Read more

    Affected Products : openafs
    • EPSS Score: %0.08
    • Published: Aug. 12, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291193 Results