Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2002-1888

    CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names.... Read more

    Affected Products : commonname_toolbar
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0622

    Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive inform... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.12
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0619

    Einstein 1.0.1 stores sensitive information such as usernames and passwords in plaintext in the registry, which allows local users to gain privileges.... Read more

    Affected Products : einstein
    • EPSS Score: %0.36
    • Published: Feb. 28, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0409

    vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.... Read more

    Affected Products : vim
    • EPSS Score: %0.16
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0887

    scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.... Read more

    Affected Products : openserver
    • EPSS Score: %0.23
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-0996

    Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it ea... Read more

    Affected Products : aveva_edge wonderware_intouch_2014
    • EPSS Score: %0.06
    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-1276

    IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.... Read more

    Affected Products : iglooftp
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2083

    The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.... Read more

    Affected Products : netware
    • EPSS Score: %0.03
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2028

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.... Read more

    Affected Products : windows_2000 windows_xp windows_nt
    • EPSS Score: %0.81
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-4578

    The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack.... Read more

    Affected Products : freebsd geli
    • EPSS Score: %0.03
    • Published: Aug. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-1490

    NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0311

    The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.65
    • Published: Apr. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2068

    Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) no... Read more

    Affected Products : drupal fancy_slide
    • EPSS Score: %0.34
    • Published: Sep. 05, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-5817

    prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.... Read more

    Affected Products : parallels_desktop
    • EPSS Score: %0.05
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-0373

    The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %1.26
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-6147

    IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors.... Read more

    Affected Products : flex_system_manager
    • EPSS Score: %0.13
    • Published: Feb. 19, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-3536

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace).... Read more

    Affected Products : solaris
    • EPSS Score: %0.14
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1660

    Multiple cross-site scripting (XSS) vulnerabilities in components/select.inc in the Webform module 6.x-3.x before 6.x-3.17 and 7.x-3.x before 7.x-3.17 for Drupal, when the "Select (or other)" module is enabled, allow remote authenticated users with the cr... Read more

    Affected Products : drupal webform webform
    • EPSS Score: %0.46
    • Published: Sep. 18, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-8100

    The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.... Read more

    Affected Products : net-snmp
    • EPSS Score: %0.14
    • Published: Nov. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-4293

    The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.... Read more

    Affected Products : jboss_operations_network
    • EPSS Score: %0.05
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291750 Results