Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-4869

    The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference.... Read more

    Affected Products : db2
    • EPSS Score: %0.16
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0970

    The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.... Read more

    Affected Products : gzip
    • EPSS Score: %0.10
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-6418

    The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.06
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0009

    The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %1.00
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-1108

    qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.... Read more

    Affected Products : linux
    • EPSS Score: %0.07
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1087

    Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.... Read more

    • EPSS Score: %0.09
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1085

    Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0504

    WSPolicy in the Web Services component in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.1 does not properly recognize the IDAssertion.isUsed binding property, which allows local users to discover a password by reading a SOAP message.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.05
    • Published: Feb. 17, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-1081

    The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.... Read more

    • EPSS Score: %0.08
    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6145

    CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknow... Read more

    Affected Products : crypto-server
    • EPSS Score: %0.05
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6127

    Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.52
    • Published: Nov. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-1007

    Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via the back button of a web browser on an unattended worksta... Read more

    Affected Products : rt request_tracker
    • EPSS Score: %0.11
    • Published: Feb. 28, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0851

    The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : net-acct
    • EPSS Score: %0.07
    • Published: Sep. 08, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3486

    Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via u... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.10
    • Published: Jul. 10, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3495

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Aug. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3825

    The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication.... Read more

    Affected Products : solaris
    • EPSS Score: %0.07
    • Published: Jul. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5397

    The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environmen... Read more

    Affected Products : libx11
    • EPSS Score: %0.08
    • Published: Nov. 03, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5364

    Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln# OC4J05.... Read more

    • EPSS Score: %1.40
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0382

    Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Feb. 14, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-4753

    Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.42
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291804 Results