Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-4683

    PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by (1) migrate_all_online.sh, (2) mi... Read more

    Affected Products : migrationtools
    • EPSS Score: %0.09
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0743

    Trn allows local users to overwrite other users' files via symlinks.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.11
    • Published: Aug. 20, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3425

    NCSA Mosaic 2.0 and earlier allows local users to cause a denial of service ("remote control" outage) by creating a /tmp/xmosaic.pid file for every possible PID.... Read more

    Affected Products : ncsa_mosaic
    • EPSS Score: %0.05
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-1999-1452

    GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.... Read more

    Affected Products : windows_nt
    • EPSS Score: %3.38
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2021-2141

    Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows high privileged attacker wi... Read more

    Affected Products : flexcube_direct_banking
    • EPSS Score: %0.20
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 2.1

    LOW
    CVE-2014-5456

    Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject arbitrary web script or HTML via vectors related to the conf... Read more

    Affected Products : social_stats
    • EPSS Score: %0.20
    • Published: Aug. 25, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8536

    McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.... Read more

    Affected Products : network_data_loss_prevention
    • EPSS Score: %0.06
    • Published: Oct. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6746

    Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 d... Read more

    Affected Products : banking
    • EPSS Score: %0.12
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-3851

    usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-readable permissions for passwd.db, which allows local users to obtain the administrator password by reading this file.... Read more

    Affected Products : pyplate
    • EPSS Score: %0.04
    • Published: Aug. 07, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8607

    The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and password on the command line, which allows local users to obtain sensitive information via the ps command.... Read more

    Affected Products : xcloner
    • EPSS Score: %0.20
    • Published: Jun. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6557

    IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before ... Read more

    • EPSS Score: %0.05
    • Published: Aug. 23, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4974

    The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory v... Read more

    Affected Products : personal_firewall_ndis_filter
    • EPSS Score: %0.06
    • Published: Nov. 04, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6752

    Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject ar... Read more

    Affected Products : search_api_autocomplete
    • EPSS Score: %0.14
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2020-14541

    Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via ... Read more

    • EPSS Score: %0.22
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024

  • 2.1

    LOW
    CVE-2014-4506

    Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta settings" permission to inject arbitrary web script or HTML ... Read more

    Affected Products : custom_meta
    • EPSS Score: %0.23
    • Published: Jun. 20, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-1588

    The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.08
    • Published: Apr. 03, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-5837

    Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.0.3, and 5.0.4 allows remote authenticated us... Read more

    Affected Products : industry_applications
    • EPSS Score: %0.17
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1276

    IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.... Read more

    Affected Products : iglooftp
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0828

    The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.08
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2365

    Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.... Read more

    Affected Products : windows_2003_server windows_xp
    • EPSS Score: %0.24
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 292727 Results