Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2007-2617

    srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.... Read more

    Affected Products : solaris net_connect_software
    • Published: May. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3099

    usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of se... Read more

    Affected Products : enterprise_linux
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-3881

    arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.... Read more

    • Published: Dec. 23, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-0014

    Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-5854

    The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-2661

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.... Read more

    Affected Products : ubuntu_linux mysql
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-5892

    Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side protection mechanism and obtain sensitive content-notification information by listening to a device in the lock-screen state.... Read more

    Affected Products : iphone_os
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-1765

    syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.... Read more

    Affected Products : linux_kernel
    • Published: May. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2226

    The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into a... Read more

    • Published: Sep. 03, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-5832

    The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : iphone_os
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-2032

    Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.... Read more

    Affected Products : solaris sunos
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-0791

    The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file... Read more

    Affected Products : ncpfs
    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-5850

    AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.... Read more

    Affected Products : iphone_os
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-8136

    The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.... Read more

    • Published: Dec. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-7824

    D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnera... Read more

    Affected Products : ubuntu_linux debian_linux dbus mageia
    • Published: Nov. 18, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-4403

    The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Sep. 19, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-1680

    The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR p... Read more

    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2008-3272

    The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to... Read more

    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-2546

    The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADM... Read more

    Affected Products : linux_kernel enterprise_mrg
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2016-8305

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnera... Read more

    Affected Products : flexcube_universal_banking
    • Published: Jan. 27, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293629 Results