Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2008-3894

    IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated w... Read more

    Affected Products : lenovo_7cetb5ww
    • EPSS Score: %0.06
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3107

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.62
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1534

    mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session I... Read more

    Affected Products : http_server
    • EPSS Score: %0.12
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3896

    Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associ... Read more

    Affected Products : grub_legacy
    • EPSS Score: %0.06
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-1976

    ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demo... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.13
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1119

    Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : sudo
    • EPSS Score: %0.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-3146

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.17
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-2465

    The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which a... Read more

    • EPSS Score: %0.61
    • Published: Aug. 15, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-100039

    mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third pa... Read more

    Affected Products : malwarebytes_anti-exploit
    • EPSS Score: %0.18
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-0876

    Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x before 6.4.2 on Windows and OS X allows local users to c... Read more

    • EPSS Score: %0.05
    • Published: Aug. 17, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4817

    The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename tha... Read more

    Affected Products : tivoli_storage_manager
    • EPSS Score: %0.15
    • Published: Nov. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-1923

    RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.... Read more

    Affected Products : helix_server helix_mobile_server
    • EPSS Score: %0.24
    • Published: Apr. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-2529

    The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."... Read more

    • EPSS Score: %4.40
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-0202

    The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, which allows local users to obtain sensitive information by ... Read more

    Affected Products : rhevm-dwh
    • EPSS Score: %0.06
    • Published: May. 30, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3205

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via unknown vectors related to Vino server.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3221

    Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the Oct... Read more

    • EPSS Score: %0.40
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-3757

    Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.05
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3427

    EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files i... Read more

    • EPSS Score: %0.05
    • Published: Feb. 02, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5605

    Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.... Read more

    • EPSS Score: %0.08
    • Published: Jan. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1004

    Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationNam... Read more

    Affected Products : foswiki
    • EPSS Score: %0.26
    • Published: Feb. 08, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291641 Results