Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2013-7336

    The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirt... Read more

    Affected Products : opensuse libvirt
    • EPSS Score: %0.07
    • Published: May. 07, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-4448

    House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 22, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1097

    IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2024-42155

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 30, 2024
    • Modified: Nov. 21, 2024

  • 1.9

    LOW
    CVE-2014-2893

    The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.... Read more

    Affected Products : opensuse clang
    • EPSS Score: %0.08
    • Published: Apr. 23, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-0058

    The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 26, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-2534

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more

    • EPSS Score: %0.60
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-2580

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more

    Affected Products : solaris
    • EPSS Score: %0.22
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-4447

    Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.... Read more

    Affected Products : os_x_server
    • EPSS Score: %0.14
    • Published: Oct. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2011-4944

    Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.... Read more

    Affected Products : python
    • EPSS Score: %0.04
    • Published: Aug. 27, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-2635

    The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Mar. 22, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-2168

    The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.... Read more

    Affected Products : dbus opensuse
    • EPSS Score: %0.09
    • Published: Jul. 03, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-2737

    The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via... Read more

    Affected Products : accountsservice
    • EPSS Score: %0.07
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-6546

    The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.03
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-0076

    The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.... Read more

    Affected Products : openssl
    • EPSS Score: %0.67
    • Published: Mar. 25, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-4081

    The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM... Read more

    • EPSS Score: %0.09
    • Published: Nov. 30, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-0135

    Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.... Read more

    Affected Products : kafo
    • EPSS Score: %0.04
    • Published: May. 08, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-0403

    Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-3520

    The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-7170

    Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.... Read more

    Affected Products : puppet_server
    • EPSS Score: %0.04
    • Published: Dec. 17, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291293 Results