Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-0991

    RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1123

    Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, which allows local users to cause a denial of service (blockage of incoming e-mail) by creating lockfiles for arbitrary mailboxes.... Read more

    Affected Products : deliver
    • EPSS Score: %0.04
    • Published: Mar. 26, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-2722

    Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue... Read more

    Affected Products : nessus
    • EPSS Score: %0.07
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3345

    ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local u... Read more

    Affected Products : enterprise_distribution
    • EPSS Score: %0.13
    • Published: Sep. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2237

    The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from th... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Jul. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2739

    Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.09
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2977

    The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.... Read more

    Affected Products : pam
    • EPSS Score: %0.08
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-0883

    Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-08... Read more

    Affected Products : sun_products_suite
    • EPSS Score: %0.25
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-0555

    The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.10
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2960

    cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.... Read more

    Affected Products : debian_linux cfengine
    • EPSS Score: %0.07
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2016-0446

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality via unknown vectors related to Agent Next Gen.... Read more

    • EPSS Score: %0.16
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2748

    The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.10
    • Published: Oct. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0200

    The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows local users to obtain sensitive information by reading the f... Read more

    Affected Products : rhevm-reports
    • EPSS Score: %0.04
    • Published: May. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-2660

    Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents ... Read more

    Affected Products : php
    • EPSS Score: %0.28
    • Published: Jun. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0482

    Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: Jan. 31, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3856

    IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors.... Read more

    Affected Products : informix_dynamic_server
    • EPSS Score: %0.07
    • Published: Aug. 08, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-6252

    The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Oct. 19, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-4393

    journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.... Read more

    Affected Products : systemd systemd
    • EPSS Score: %0.15
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3111

    The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.... Read more

    Affected Products : backupninja
    • EPSS Score: %0.08
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-6109

    The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows... Read more

    • EPSS Score: %2.88
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291258 Results