Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2015-5006

    IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerber... Read more

    • Published: Dec. 07, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-2205

    The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.... Read more

    Affected Products : netbsd
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0515

    KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook.... Read more

    • Published: Jan. 20, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2025-5991

    There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected by this at all. This happens due to a race condition between how QHttp2Stream uploads the bod... Read more

    Affected Products :
    • Published: Jun. 11, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Race Condition

  • 2.1

    LOW
    CVE-2005-1762

    The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-6657

    The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.... Read more

    Affected Products : netbsd
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-0831

    The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end.... Read more

    Affected Products : freebsd
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2502

    im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file.... Read more

    Affected Products : im-switch
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1065

    tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.... Read more

    Affected Products : linux_desktop
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5851

    openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.... Read more

    Affected Products : openbase
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1499

    named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.... Read more

    Affected Products : bind
    • Published: Apr. 10, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0915

    autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.... Read more

    Affected Products : autorun xandros_desktop_os
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0757

    The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.... Read more

    Affected Products : coldfusion_server
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0374

    Debian GNU/Linux cfengine package is susceptible to a symlink attack.... Read more

    Affected Products : debian_linux
    • Published: Feb. 16, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2276

    F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass ini... Read more

    Affected Products : f-secure_anti-virus
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1496

    Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.... Read more

    Affected Products : debian_linux linux sudo
    • Published: Jun. 08, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1400

    The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked.... Read more

    Affected Products : the_economist_1999_screen_saver
    • Published: Jun. 03, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2609

    The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer... Read more

    Affected Products : powerquest_deploycenter
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0458

    L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.... Read more

    Affected Products : l0phtcrack
    • Published: Jan. 06, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1538

    When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's pas... Read more

    Affected Products : internet_information_server
    • Published: Jan. 14, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 293499 Results