Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2012-6110

    bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.... Read more

    Affected Products : bcron_exec
    • EPSS Score: %0.07
    • Published: Sep. 29, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-1503

    The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1536

    Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vector... Read more

    Affected Products : drupal addthis
    • EPSS Score: %0.23
    • Published: Apr. 26, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1551

    Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0866

    Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.... Read more

    Affected Products : interbase_superserver
    • EPSS Score: %0.07
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1725

    launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.... Read more

    Affected Products : mac_os_x_server
    • EPSS Score: %0.16
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3107

    fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-1856

    Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.... Read more

    Affected Products : linux vixie_cron
    • EPSS Score: %0.05
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-2894

    The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.... Read more

    Affected Products : bochs
    • EPSS Score: %0.11
    • Published: May. 30, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-1981

    Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message.... Read more

    Affected Products : windows_2000 windows_2003_server
    • EPSS Score: %2.25
    • Published: Aug. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-2527

    The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-1439

    NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.08
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2553

    The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Aug. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2512

    Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.... Read more

    Affected Products : mac_os_x mail
    • EPSS Score: %0.06
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2426

    FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.... Read more

    Affected Products : ftpshell_server
    • EPSS Score: %1.11
    • Published: Aug. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2120

    The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.... Read more

    Affected Products : libtiff
    • EPSS Score: %0.32
    • Published: May. 01, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3858

    IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772).... Read more

    Affected Products : informix_dynamic_server
    • EPSS Score: %0.07
    • Published: Aug. 08, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3262

    tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in t... Read more

    Affected Products : xen
    • EPSS Score: %0.10
    • Published: Aug. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2231

    High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : heartbeat
    • EPSS Score: %0.10
    • Published: Jul. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2660

    apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.... Read more

    Affected Products : apachetop
    • EPSS Score: %0.08
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291921 Results