Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2010-3073

    SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptograph... Read more

    Affected Products : encfs
    • EPSS Score: %0.16
    • Published: Sep. 17, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-2910

    arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 proces... Read more

    • EPSS Score: %0.05
    • Published: Oct. 20, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-7258

    The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue be... Read more

    Affected Products : ssmtp
    • EPSS Score: %0.07
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1356

    IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.06
    • Published: Jul. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-2522

    The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.... Read more

    Affected Products : umip
    • EPSS Score: %0.06
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-4623

    Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers... Read more

    Affected Products : rsyslog
    • EPSS Score: %0.09
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1772

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.64
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4539

    Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hyperca... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4530

    The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.36
    • Published: Feb. 18, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-6921

    Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jan. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-0685

    The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.... Read more

    Affected Products : opera_browser
    • EPSS Score: %0.07
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3861

    The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with... Read more

    • EPSS Score: %0.05
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-6120

    Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.... Read more

    Affected Products : openstack_essex openstack_folsom
    • EPSS Score: %0.04
    • Published: Apr. 10, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-3107

    The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clea... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-0710

    The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-5561

    script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.... Read more

    Affected Products : subscription_asset_manager katello
    • EPSS Score: %0.05
    • Published: Mar. 01, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-5751

    Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.... Read more

    Affected Products : liferea
    • EPSS Score: %0.05
    • Published: Oct. 31, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-4452

    MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with ... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.06
    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-1767

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.64
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0016

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.... Read more

    Affected Products : tor tor
    • EPSS Score: %0.06
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292058 Results