Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 2.1

    LOW
    CVE-2008-4011

    Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : bea_product_suite
    • EPSS Score: %0.17
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2010-3094

    Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxono... Read more

    Affected Products : drupal
    • EPSS Score: %0.21
    • Published: Sep. 21, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2004-1085

    Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2004-1340

    Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.06
    • Published: Jan. 26, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2009-1716

    CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : safari
    • EPSS Score: %0.10
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2011-1828

    usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.... Read more

    Affected Products : usb-creator
    • EPSS Score: %0.06
    • Published: May. 16, 2011
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2007-0710

    The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.... Read more

    Affected Products : mac_os_x ichat
    • EPSS Score: %1.18
    • Published: Feb. 16, 2007
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2008-1005

    WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.... Read more

    Affected Products : safari
    • EPSS Score: %0.09
    • Published: Mar. 19, 2008
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2010-1149

    probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a ... Read more

    Affected Products : udisks
    • EPSS Score: %0.04
    • Published: Apr. 12, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2004-1087

    Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.... Read more

    • EPSS Score: %0.09
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2008-4278

    VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.... Read more

    • EPSS Score: %0.06
    • Published: Oct. 06, 2008
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2010-0854

    Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing."... Read more

    Affected Products : database_server
    • EPSS Score: %0.28
    • Published: Apr. 13, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2004-1296

    The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : groff
    • EPSS Score: %0.15
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2010-3735

    The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amou... Read more

    Affected Products : db2
    • EPSS Score: %0.41
    • Published: Oct. 05, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2010-0750

    pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.... Read more

    Affected Products : policykit
    • EPSS Score: %0.08
    • Published: Apr. 06, 2010
    • Modified: Apr. 11, 2025
  • 2.1

    LOW
    CVE-2004-0602

    The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2008-0009

    The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %1.00
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025
  • 2.1

    LOW
    CVE-2004-0462

    The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.... Read more

    Affected Products :
    • EPSS Score: %0.23
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2004-1108

    qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.... Read more

    Affected Products : linux
    • EPSS Score: %0.07
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2003-0334

    BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c.... Read more

    Affected Products : bitchx
    • EPSS Score: %0.08
    • Published: May. 10, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291739 Results