Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1302

    The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a prob... Read more

    Affected Products : windows_2000
    • Published: Jul. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-2517

    The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.... Read more

    Affected Products : sarab
    • Published: Jun. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0264

    Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.... Read more

    Affected Products : panda_security
    • Published: Apr. 17, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1360

    Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 27, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-6434

    Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1408

    Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different... Read more

    Affected Products : aix hp-ux
    • Published: Mar. 05, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3900

    Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory location... Read more

    Affected Products : bios bios
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-1122

    Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.... Read more

    Affected Products : windows_nt
    • Published: Aug. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-6375

    The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010.... Read more

    Affected Products : ios
    • Published: Nov. 21, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-0020

    Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : arrowpoint content_services_switch
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-7020

    McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memo... Read more

    Affected Products : safeboot_device_encryption
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0229

    Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when Wehntrust creates the autostart key.... Read more

    Affected Products : wehntrust
    • Published: Jan. 17, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0912

    FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.... Read more

    Affected Products : freebsd
    • Published: Sep. 22, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-7368

    Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache.... Read more

    Affected Products : revive_adserver
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5817

    prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.... Read more

    Affected Products : parallels_desktop
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-0782

    KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.... Read more

    Affected Products : linux_kernel freebsd kde
    • Published: Nov. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-0996

    Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it ea... Read more

    Affected Products : aveva_edge wonderware_intouch_2014
    • Published: Mar. 29, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2132

    RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.... Read more

    Affected Products : unixware
    • Published: Aug. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-5400

    The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.... Read more

    Affected Products : mednet
    • Published: Apr. 03, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-0622

    Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive inform... Read more

    Affected Products : mac_os_x
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293493 Results