Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-0257

    Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files i... Read more

    Affected Products : enterprise_virtualization_manager
    • EPSS Score: %0.04
    • Published: May. 01, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-4331

    Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : lightdm
    • EPSS Score: %0.04
    • Published: Feb. 02, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4292

    libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.... Read more

    Affected Products : libvirt
    • EPSS Score: %0.07
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-6115

    The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain... Read more

    Affected Products : enterprise_virtualization_manager
    • EPSS Score: %0.06
    • Published: Mar. 12, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-0378

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc.... Read more

    Affected Products : solaris
    • EPSS Score: %0.13
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2009-1716

    CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : safari
    • EPSS Score: %0.10
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-0397

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-5516

    Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via... Read more

    • EPSS Score: %0.07
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2190

    The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically pro... Read more

    Affected Products : opensuse clutter
    • EPSS Score: %0.08
    • Published: Oct. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-0266

    manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the ... Read more

    Affected Products : folsom essex
    • EPSS Score: %0.04
    • Published: Mar. 08, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5605

    Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5658

    rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log ... Read more

    Affected Products : openshift openshift_origin
    • EPSS Score: %0.06
    • Published: Feb. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-3842

    Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configuration Manager (OCM).... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-3873

    The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel ... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Jun. 10, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-1698

    Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/GLD.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.26
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-2531

    Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."... Read more

    Affected Products : windows_7 windows_server_2008
    • EPSS Score: %0.20
    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-8135

    The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "vi... Read more

    Affected Products : libvirt
    • EPSS Score: %0.16
    • Published: Dec. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-0202

    The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by ... Read more

    Affected Products : rhevm-dwh
    • EPSS Score: %0.06
    • Published: May. 30, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-3790

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account.... Read more

    Affected Products : database_server
    • EPSS Score: %0.38
    • Published: Jul. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1647

    Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."... Read more

    Affected Products : windows_8.1 windows_server_2012
    • EPSS Score: %0.44
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291625 Results