Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2014-0199

    The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allows local users to obtain sensitive information by reading... Read more

    Affected Products : rhevm-reports
    • EPSS Score: %0.06
    • Published: May. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-1943

    The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a... Read more

    Affected Products : fedora networkmanager
    • EPSS Score: %0.04
    • Published: Jun. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5483

    tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading admi... Read more

    Affected Products : keystone
    • EPSS Score: %0.11
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-1888

    pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.... Read more

    Affected Products : fedora pip
    • EPSS Score: %0.04
    • Published: Aug. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3341

    DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh.... Read more

    Affected Products : dns_package
    • EPSS Score: %0.07
    • Published: Dec. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-0493

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012... Read more

    Affected Products : mysql
    • EPSS Score: %0.61
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-6223

    LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file, which allows local users to obtain access by reading the file.... Read more

    Affected Products : livezilla
    • EPSS Score: %0.06
    • Published: Jun. 09, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4701

    The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.... Read more

    Affected Products : nagios
    • EPSS Score: %0.06
    • Published: Dec. 05, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4703

    lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.... Read more

    Affected Products : nagios
    • EPSS Score: %0.44
    • Published: Dec. 05, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3645

    arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Nov. 10, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2003-0875

    Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.... Read more

    Affected Products : openslp
    • EPSS Score: %0.24
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0489

    The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials.... Read more

    Affected Products : wicd
    • EPSS Score: %0.07
    • Published: Feb. 09, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5174

    The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a b... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-4922

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Boot.... Read more

    Affected Products : solaris
    • EPSS Score: %0.12
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-2875

    Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /de... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.09
    • Published: Jun. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2014-8399

    The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : shim
    • EPSS Score: %0.13
    • Published: Oct. 31, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-4530

    The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.36
    • Published: Feb. 18, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-6120

    Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.... Read more

    Affected Products : openstack_essex openstack_folsom
    • EPSS Score: %0.04
    • Published: Apr. 10, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4539

    Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hyperca... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4452

    MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with ... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.06
    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291608 Results