Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2007-3024

    libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.... Read more

    Affected Products : clamav clamav
    • EPSS Score: %0.06
    • Published: Jun. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-4922

    cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.... Read more

    Affected Products : pidgin
    • EPSS Score: %0.11
    • Published: Aug. 08, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-0862

    Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.... Read more

    Affected Products : postgresql
    • EPSS Score: %0.09
    • Published: Dec. 02, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1319

    The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.... Read more

    Affected Products : linux_kernel linux secure_linux
    • EPSS Score: %0.06
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-5173

    The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-0369

    MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that... Read more

    Affected Products : mysql
    • EPSS Score: %0.12
    • Published: Jan. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-3586

    The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive inf... Read more

    • EPSS Score: %0.05
    • Published: Apr. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-4801

    Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality via unknown vectors related to Solaris Kernel Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.16
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-3149

    The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumptio... Read more

    Affected Products : linux-pam linux-pam
    • EPSS Score: %0.06
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-4920

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vectors related to NDMP Backup Service.... Read more

    Affected Products : solaris
    • EPSS Score: %0.11
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2011-3257

    The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a differ... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-3228

    The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to ob... Read more

    • EPSS Score: %0.08
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-5056

    The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via crafted records i... Read more

    Affected Products : maradns
    • EPSS Score: %0.08
    • Published: Jan. 08, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-1738

    The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kern... Read more

    • EPSS Score: %0.03
    • Published: May. 11, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2009-2489

    Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.... Read more

    Affected Products : ray_server_software
    • EPSS Score: %0.06
    • Published: Jul. 16, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3430

    The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg sy... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.20
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1857

    Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.... Read more

    Affected Products : web_jetadmin
    • EPSS Score: %78.04
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1983

    The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.... Read more

    Affected Products : linux pax_linux
    • EPSS Score: %0.21
    • Published: May. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-4341

    The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.... Read more

    Affected Products : sssd sssd
    • EPSS Score: %0.17
    • Published: Jan. 25, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-0980

    The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Mar. 20, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292110 Results