Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2010-4080

    The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IO... Read more

    • EPSS Score: %0.09
    • Published: Nov. 30, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-3684

    The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application interface in cases of incorrect login attempts, which allows local users to obtain sensitive information by reading a log, a different vulnerability than CVE-... Read more

    • EPSS Score: %0.05
    • Published: Sep. 29, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-3499

    The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.08
    • Published: Aug. 03, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-1319

    The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen i... Read more

    Affected Products : ubuntu_linux
    • EPSS Score: %0.06
    • Published: Sep. 17, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2010-2928

    The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.... Read more

    Affected Products : vcenter_server
    • EPSS Score: %0.06
    • Published: Feb. 16, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1679

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR p... Read more

    • EPSS Score: %2.99
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2045

    The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : fedora debian_linux xen
    • EPSS Score: %0.08
    • Published: Mar. 12, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2013-6387

    Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the description field.... Read more

    Affected Products : drupal
    • EPSS Score: %0.16
    • Published: Dec. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-4064

    Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTH... Read more

    Affected Products : lotus_inotes lotus_domino
    • EPSS Score: %0.17
    • Published: Dec. 21, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-6480

    Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.... Read more

    Affected Products : libcloud
    • EPSS Score: %0.56
    • Published: Jan. 07, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-2104

    sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.... Read more

    Affected Products : sysreport
    • EPSS Score: %0.07
    • Published: Oct. 07, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2462

    Kayako liveResponse 2.x, when logging in a user, records the password in plaintext in the URL, which allows local users and possibly remote attackers to gain privileges.... Read more

    Affected Products : liveresponse
    • EPSS Score: %0.21
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3137

    The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.... Read more

    Affected Products : cfengine
    • EPSS Score: %0.07
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-5872

    Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to Name Service Cache Daemon (NSCD).... Read more

    Affected Products : sunos solaris sunos
    • EPSS Score: %0.10
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3181

    The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory... Read more

    • EPSS Score: %0.15
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4031

    MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.26
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-6497

    clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.... Read more

    Affected Products : clamav
    • EPSS Score: %0.45
    • Published: Dec. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-2110

    Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.... Read more

    Affected Products : vserver
    • EPSS Score: %0.09
    • Published: May. 01, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0512

    PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migr... Read more

    Affected Products : migrationtools
    • EPSS Score: %0.07
    • Published: Feb. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2071

    Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue wit... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.11
    • Published: Apr. 27, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291722 Results