Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2012-2737

    The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via... Read more

    Affected Products : accountsservice
    • EPSS Score: %0.07
    • Published: Jul. 22, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-6546

    The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.03
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-2168

    The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.... Read more

    Affected Products : dbus opensuse
    • EPSS Score: %0.09
    • Published: Jul. 03, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2005-3349

    GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.... Read more

    Affected Products : gnump3d
    • EPSS Score: %0.04
    • Published: Nov. 18, 2005
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2010-4081

    The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM... Read more

    • EPSS Score: %0.09
    • Published: Nov. 30, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-4421

    The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different ... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.08
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-6146

    IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files.... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.06
    • Published: Nov. 08, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-5423

    CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging file or (2) developer file.... Read more

    Affected Products : pyxis_supplystation
    • EPSS Score: %0.06
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-3716

    Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel.... Read more

    Affected Products : xen
    • EPSS Score: %0.15
    • Published: May. 19, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2023-31305

    Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Nov. 06, 2024

  • 1.9

    LOW
    CVE-2014-5036

    The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs.... Read more

    Affected Products : eucalyptus
    • EPSS Score: %0.06
    • Published: Sep. 05, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2009-1215

    Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.... Read more

    Affected Products : screen gnu_screen
    • EPSS Score: %0.09
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2013-3287

    EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.... Read more

    Affected Products : emc_unisphere unisphere
    • EPSS Score: %0.06
    • Published: Nov. 02, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-0974

    The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value,... Read more

    Affected Products : little_kernel_bootloader
    • EPSS Score: %0.06
    • Published: Aug. 25, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2008-6722

    Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID,... Read more

    Affected Products : access_manager
    • EPSS Score: %0.06
    • Published: Apr. 14, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2013-4025

    IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it... Read more

    • EPSS Score: %0.08
    • Published: Sep. 25, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-1958

    The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restri... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Apr. 24, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2024-53855

    Centurion ERP (Enterprise Rescource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket, can ... Read more

    Affected Products : centurion_erp
    • Published: Nov. 27, 2024
    • Modified: Nov. 27, 2024

  • 1.9

    LOW
    CVE-2015-1901

    The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands.... Read more

    Affected Products : infosphere_information_server
    • EPSS Score: %0.06
    • Published: Jun. 28, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2011-5119

    Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors.... Read more

    Affected Products : comodo_internet_security
    • EPSS Score: %0.04
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291255 Results