Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-1010

    An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.... Read more

    Affected Products : openssh
    • Published: Dec. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1098

    Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.... Read more

    Affected Products : pix_firewall_manager
    • Published: Oct. 10, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2076

    HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.... Read more

    • Published: Jun. 29, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0444

    Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.... Read more

    Affected Products : cbos
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0890

    Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.... Read more

    Affected Products : linux sane
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0787

    The SSH authentication agent follows symlinks via a UNIX domain socket.... Read more

    Affected Products : ssh
    • Published: Sep. 17, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0499

    The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0577

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.... Read more

    Affected Products : hp-ux
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0803

    The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.... Read more

    Affected Products : aix_enetwork_firewall
    • Published: May. 25, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0507

    An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous u... Read more

    Affected Products : exchange_server securid
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0712

    Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.... Read more

    • Published: Feb. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0967

    NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was report... Read more

    Affected Products : secure_client
    • Published: Mar. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0691

    The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.... Read more

    Affected Products : linux mgetty
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0881

    The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1118

    ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.... Read more

    Affected Products : solaris
    • Published: Mar. 11, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0679

    The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.... Read more

    Affected Products : cvs
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0859

    Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0893

    userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.... Read more

    Affected Products : openserver
    • Published: Oct. 11, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1083

    The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an at... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0640

    Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaem... Read more

    Affected Products : undercover
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results