Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-3238

    Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4273

    Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Dec. 15, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4697

    The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.... Read more

    Affected Products : windows_xp
    • EPSS Score: %1.26
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0694

    Denial of service in AIX ptrace system call allows local users to crash the system.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Aug. 11, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0055

    The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Jan. 11, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1251

    Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.08
    • Published: Dec. 24, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0570

    The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.12
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1197

    POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for ot... Read more

    Affected Products : imap
    • EPSS Score: %0.08
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0458

    The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.... Read more

    Affected Products : imp
    • EPSS Score: %0.12
    • Published: Apr. 22, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-6150

    The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Nov. 30, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0917

    Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive information for a server to any port specified in the associated link, which allows local users on that server to read the cookies from HTTP... Read more

    Affected Products : melange_chat_system
    • EPSS Score: %0.08
    • Published: Feb. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1259

    Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.... Read more

    Affected Products : office
    • EPSS Score: %1.93
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1429

    DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver.... Read more

    Affected Products : transferpro
    • EPSS Score: %0.08
    • Published: Jan. 05, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-1996

    IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation.... Read more

    • EPSS Score: %0.06
    • Published: Nov. 08, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-0976

    Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained fr... Read more

    Affected Products : silverstripe
    • EPSS Score: %0.38
    • Published: Feb. 02, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2725

    The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.... Read more

    Affected Products : rtos
    • EPSS Score: %0.13
    • Published: Aug. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0691

    The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.... Read more

    Affected Products : linux mgetty
    • EPSS Score: %0.25
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2809

    silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file.... Read more

    Affected Products : secure_internet_live_conferencing
    • EPSS Score: %0.08
    • Published: Sep. 07, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1271

    Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.... Read more

    Affected Products : dreamweaver
    • EPSS Score: %0.01
    • Published: Jun. 11, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0754

    Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %0.24
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 291293 Results