Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2011-2977

    Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: thi... Read more

    Affected Products : windows bugzilla
    • EPSS Score: %0.07
    • Published: Aug. 09, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-1451

    The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, whi... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.10
    • Published: May. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-5373

    ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepasswor... Read more

    Affected Products : ldapscripts
    • EPSS Score: %0.07
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-2454

    The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows l... Read more

    • EPSS Score: %1.04
    • Published: Aug. 15, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2003-0461

    /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.... Read more

    Affected Products : linux
    • EPSS Score: %0.09
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0971

    The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.... Read more

    Affected Products : kerberos_5
    • EPSS Score: %0.11
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0972

    The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.... Read more

    • EPSS Score: %0.08
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0079

    The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.... Read more

    Affected Products : hanterm-xf
    • EPSS Score: %0.08
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0071

    The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.... Read more

    Affected Products : x11r6
    • EPSS Score: %0.08
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-1739

    The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 r... Read more

    • EPSS Score: %0.11
    • Published: Jun. 23, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-0067

    The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.... Read more

    Affected Products : jpilot
    • EPSS Score: %0.10
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1400

    Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.06
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-7421

    The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.... Read more

    • EPSS Score: %0.03
    • Published: Mar. 02, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5004

    Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-4820

    Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.06
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-0979

    The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NUL... Read more

    Affected Products : opensuse lightdm_gtk\+_greeter
    • EPSS Score: %0.08
    • Published: Jan. 23, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0797

    The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).... Read more

    Affected Products : zlib
    • EPSS Score: %0.76
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4399

    User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not ac... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.22
    • Published: Oct. 03, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-0568

    Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes.... Read more

    Affected Products : zope
    • EPSS Score: %0.11
    • Published: Aug. 22, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1382

    The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.... Read more

    Affected Products : glibc
    • EPSS Score: %0.09
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291783 Results