Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2012-0943

    debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ... Read more

    Affected Products : ubuntu_linux lightdm
    • Published: May. 22, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-6551

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.... Read more

    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-4530

    The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 18, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-0636

    Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to "access rights to watched files."... Read more

    Affected Products : incron
    • Published: Jan. 31, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-2006

    OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.... Read more

    Affected Products : keystone
    • Published: May. 21, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-2030

    keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as de... Read more

    Affected Products : compute folsom grizzly havana
    • Published: Dec. 27, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-1322

    QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.... Read more

    Affected Products : debian_linux qemu
    • Published: May. 02, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3107

    The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clea... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-0034

    The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS Platform before 5.3.1 logs the username and password in cleartext when an exception is thrown, which allows local ... Read more

    • Published: Feb. 05, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-3337

    wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.... Read more

    Affected Products : database_server
    • Published: Jun. 22, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-0710

    The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.... Read more

    Affected Products : mac_os_x ichat
    • Published: Feb. 16, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0936

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.... Read more

    Affected Products : samba
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1362

    Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0367

    NetBSD netstat command allows local users to access kernel memory.... Read more

    Affected Products : netbsd
    • Published: Feb. 09, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0881

    The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1939

    FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.... Read more

    Affected Products : flashfxp
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0624

    QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos.... Read more

    Affected Products : qnx
    • Published: Aug. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1545

    Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.... Read more

    Affected Products : joe
    • Published: Jul. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0837

    IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information suc... Read more

    Affected Products : netcool_neusecure
    • Published: Feb. 22, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0373

    The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293414 Results