Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0351

    Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.44
    • Published: Jul. 21, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3900

    Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory location... Read more

    Affected Products : bios bios
    • EPSS Score: %0.09
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3787

    kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.... Read more

    Affected Products : personal_firewall
    • EPSS Score: %0.22
    • Published: Jul. 24, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-1951

    IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by levera... Read more

    Affected Products : maximo_asset_management
    • EPSS Score: %0.06
    • Published: Jul. 01, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2002-1892

    NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.... Read more

    Affected Products : fvs318
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1490

    NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0679

    Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.... Read more

    Affected Products : irix
    • EPSS Score: %0.11
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2238

    ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports.... Read more

    Affected Products : aix
    • EPSS Score: %0.14
    • Published: Jul. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2068

    Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) no... Read more

    Affected Products : drupal fancy_slide
    • EPSS Score: %0.34
    • Published: Sep. 05, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-0996

    Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it ea... Read more

    Affected Products : aveva_edge wonderware_intouch_2014
    • EPSS Score: %0.06
    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5817

    prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.... Read more

    Affected Products : parallels_desktop
    • EPSS Score: %0.05
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-1225

    Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.... Read more

    Affected Products : msql
    • EPSS Score: %0.06
    • Published: Dec. 26, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0484

    Buffer overflow in OpenBSD ping.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.13
    • Published: Feb. 23, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1118

    ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Mar. 11, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1888

    CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names.... Read more

    Affected Products : commonname_toolbar
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-3043

    Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.... Read more

    • EPSS Score: %0.02
    • Published: Dec. 14, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-4526

    The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file.... Read more

    • EPSS Score: %0.04
    • Published: Aug. 25, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0912

    FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.40
    • Published: Sep. 22, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0770

    romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.... Read more

    Affected Products : debian_linux emulator
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0499

    The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.46
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291401 Results