Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 2.1

    LOW
    CVE-2004-1000

    lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.... Read more

    Affected Products : lintian
    • EPSS Score: %0.06
    • Published: Jan. 10, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2012-0813

    Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.... Read more

    Affected Products : wicd
    • EPSS Score: %0.07
    • Published: Jun. 29, 2012
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2011-3262

    tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in t... Read more

    Affected Products : xen
    • EPSS Score: %0.10
    • Published: Aug. 19, 2011
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2005-0904

    Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.... Read more

    Affected Products : windows_xp
    • EPSS Score: %1.01
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2011-2527

    The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2004-0824

    PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.32
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2005-2231

    High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : heartbeat
    • EPSS Score: %0.10
    • Published: Jul. 12, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2004-0491

    The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.... Read more

    Affected Products : enterprise_linux
    • EPSS Score: %0.09
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2005-2426

    FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.... Read more

    Affected Products : ftpshell_server
    • EPSS Score: %1.11
    • Published: Aug. 03, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2005-1725

    launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.... Read more

    Affected Products : mac_os_x_server
    • EPSS Score: %0.16
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2010-2403

    Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft and JDEdwards Suite Campus Solutions 9.0 Bundle #17 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    • EPSS Score: %0.17
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2014-5037

    Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log.... Read more

    Affected Products : eucalyptus
    • EPSS Score: %0.06
    • Published: Nov. 07, 2014
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2014-2466

    Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.17
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2014-2381

    Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.... Read more

    Affected Products : wonderware_information_server
    • EPSS Score: %0.03
    • Published: Aug. 28, 2014
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2015-1005

    IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : scada_web_server
    • EPSS Score: %0.06
    • Published: Oct. 25, 2015
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2007-6150

    The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Nov. 30, 2007
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2006-3457

    Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow... Read more

    • EPSS Score: %0.05
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2013-4498

    The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authentica... Read more

    Affected Products : drupal spaces
    • EPSS Score: %0.20
    • Published: May. 17, 2014
    • Modified: Apr. 12, 2025
  • 2.1

    LOW
    CVE-2012-5538

    Cross-site scripting (XSS) vulnerability in the FileField Sources module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.6 for Drupal, when the field has "Reference existing" source enabled, allows remote authenticated users to inject arbitrary web script... Read more

    Affected Products : drupal filefield_sources
    • EPSS Score: %0.20
    • Published: Dec. 03, 2012
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2006-5482

    ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.24
    • Published: Oct. 24, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 291562 Results