Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2010-1451

    The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, whi... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.10
    • Published: May. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-4187

    Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.06
    • Published: Aug. 17, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4820

    Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.06
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0023

    gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.... Read more

    Affected Products : libvte4 libzvt2
    • EPSS Score: %0.15
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0387

    remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : remstats
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0423

    The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file.... Read more

    Affected Products : ssmtp
    • EPSS Score: %0.08
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1237

    Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.... Read more

    • EPSS Score: %0.06
    • Published: Apr. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0754

    PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to o... Read more

    Affected Products : php apache
    • EPSS Score: %0.27
    • Published: Mar. 03, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2015-1426

    Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node.... Read more

    Affected Products : facter facter
    • EPSS Score: %0.06
    • Published: Feb. 23, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2025-3840

    An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end... Read more

    Affected Products :
    • Published: Apr. 21, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.1

    LOW
    CVE-2011-1307

    The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than ... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.05
    • Published: Mar. 08, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2024-12706

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. Thi... Read more

    Affected Products :
    • Published: Apr. 28, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Injection

  • 2.1

    LOW
    CVE-2005-1858

    FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.... Read more

    Affected Products : fuse
    • EPSS Score: %0.18
    • Published: Jun. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2353

    run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : thunderbird
    • EPSS Score: %0.08
    • Published: Aug. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0732

    The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.14
    • Published: Aug. 19, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1761

    Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.... Read more

    • EPSS Score: %0.03
    • Published: Aug. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-1717

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors... Read more

    • EPSS Score: %0.16
    • Published: Jun. 16, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-0497

    Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.... Read more

    Affected Products : mtr
    • EPSS Score: %0.24
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0474

    Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.... Read more

    Affected Products : mandrake_linux mesa
    • EPSS Score: %0.14
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2533

    OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.... Read more

    Affected Products : openvpn
    • EPSS Score: %0.27
    • Published: Aug. 24, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291623 Results