Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-0442

    Solaris ff.core allows local users to modify files.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.15
    • Published: Jan. 07, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1405

    Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.06
    • Published: Sep. 10, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-4768

    IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of service by using privileged access to enable a legacy boot ... Read more

    • EPSS Score: %0.36
    • Published: Jun. 28, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3223

    Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.0.1 allows remote authenticated users to affect confidentiality, related to BASE.... Read more

    Affected Products : financial_services_software
    • EPSS Score: %0.22
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-0077

    Off-by-one error in the getfattr function in File::ExtAttr before 0.03 allows attackers to trigger a buffer overflow via unspecified attack vectors.... Read more

    Affected Products : file_extattr
    • EPSS Score: %0.09
    • Published: Jan. 04, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1109

    securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.... Read more

    Affected Products : virus_scanner
    • EPSS Score: %0.07
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-3272

    EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack.... Read more

    Affected Products : replication_manager
    • EPSS Score: %0.06
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-3929

    Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter.... Read more

    Affected Products : cms_made_simple
    • EPSS Score: %0.18
    • Published: Dec. 09, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-1956

    ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files.... Read more

    Affected Products : filer
    • EPSS Score: %0.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1539

    Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comm... Read more

    Affected Products : drupal workflow
    • EPSS Score: %0.34
    • Published: Apr. 26, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-2466

    Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.17
    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-6126

    Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.09
    • Published: Nov. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1402

    The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the progra... Read more

    Affected Products : solaris sunos freebsd
    • EPSS Score: %0.27
    • Published: May. 17, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1295

    Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."... Read more

    Affected Products : enterprise_linux suse_linux
    • EPSS Score: %0.06
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3238

    Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0069

    The recover program in Solstice Backup allows local users to restore sensitive files.... Read more

    Affected Products : solstice_backup
    • EPSS Score: %0.12
    • Published: Jan. 01, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0521

    SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges.... Read more

    Affected Products : sendlink
    • EPSS Score: %0.18
    • Published: Feb. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1610

    Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.13
    • Published: Aug. 30, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1259

    Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.... Read more

    Affected Products : office
    • EPSS Score: %1.93
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1564

    FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Sep. 02, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291741 Results