Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2011-3154

    DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows lo... Read more

    Affected Products : ubuntu_linux update-manager
    • EPSS Score: %0.05
    • Published: Apr. 17, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2009-2911

    SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel... Read more

    Affected Products : systemtap
    • EPSS Score: %0.08
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2015-7404

    IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for ... Read more

    • EPSS Score: %0.03
    • Published: Nov. 14, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2007-5143

    F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boun... Read more

    • EPSS Score: %0.07
    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2004-2713

    Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, wh... Read more

    Affected Products : zonealarm
    • EPSS Score: %0.05
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2008-0049

    AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applicat... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.19
    • Published: Mar. 18, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2007-4751

    RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files.... Read more

    Affected Products : remotedocs_r-viewer
    • EPSS Score: %0.07
    • Published: Sep. 18, 2007
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2014-6195

    The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on... Read more

    • EPSS Score: %0.04
    • Published: Feb. 14, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2011-3692

    NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step.... Read more

    Affected Products : enterprise_messenger_server
    • EPSS Score: %0.06
    • Published: Sep. 27, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3541

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.47
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-2267

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • EPSS Score: %0.57
    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-5187

    The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitiv... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2024-42155

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 30, 2024
    • Modified: Nov. 21, 2024

  • 1.9

    LOW
    CVE-2015-1064

    Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Mar. 12, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1113

    The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone number or (2) e-mail address of a recent contact via a crafted app.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1146

    The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1097

    IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.... Read more

    Affected Products : iphone_os tvos
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-4481

    Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."... Read more

    Affected Products : enterprise_linux luci
    • EPSS Score: %0.03
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2008-3230

    The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.... Read more

    Affected Products : lavf_demuxer
    • EPSS Score: %0.12
    • Published: Jul. 18, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2015-0001

    The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary ... Read more

    • EPSS Score: %0.55
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291160 Results