Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0589

    NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.... Read more

    Affected Products : netscreen_screenos
    • EPSS Score: %0.06
    • Published: Aug. 22, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2097

    Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log cre... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.09
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2658

    resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.06
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2609

    The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer... Read more

    Affected Products : powerquest_deploycenter
    • EPSS Score: %0.10
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0625

    reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.... Read more

    Affected Products : reportbug
    • EPSS Score: %0.08
    • Published: Feb. 28, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4706

    Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function.... Read more

    Affected Products : solaris
    • EPSS Score: %0.07
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4683

    PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by (1) migrate_all_online.sh, (2) mi... Read more

    Affected Products : migrationtools
    • EPSS Score: %0.09
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2276

    F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass ini... Read more

    Affected Products : f-secure_anti-virus
    • EPSS Score: %0.10
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0837

    DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more

    Affected Products : pc-to-phone
    • EPSS Score: %0.07
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1083

    The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an at... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %4.71
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1795

    Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI.... Read more

    Affected Products : surfnet
    • EPSS Score: %0.06
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2544

    Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information.... Read more

    Affected Products : sidewinder_g2
    • EPSS Score: %0.04
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1041

    oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.... Read more

    Affected Products : database_server
    • EPSS Score: %0.29
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1000

    rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file.... Read more

    Affected Products : aaa_radius_server
    • EPSS Score: %0.17
    • Published: Sep. 07, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0287

    VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.... Read more

    Affected Products : cluster_server
    • EPSS Score: %0.06
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0876

    Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than in... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.08
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1092

    msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.... Read more

    Affected Products : tru64
    • EPSS Score: %0.18
    • Published: Sep. 10, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3982

    The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a de... Read more

    Affected Products : aix
    • EPSS Score: %0.07
    • Published: Oct. 05, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0265

    ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.... Read more

    Affected Products : pgp
    • EPSS Score: %0.64
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0137

    Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."... Read more

    Affected Products : irix
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291830 Results