Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0069

    dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.11
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0502

    Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.... Read more

    Affected Products : virusscan
    • EPSS Score: %0.09
    • Published: Jun. 08, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0936

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.... Read more

    Affected Products : samba
    • EPSS Score: %0.36
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-6117

    Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file.... Read more

    • EPSS Score: %0.10
    • Published: Mar. 12, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0079

    Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.... Read more

    Affected Products : support_tools_manager
    • EPSS Score: %0.27
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1731

    The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.... Read more

    Affected Products : os_400
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1010

    An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.... Read more

    Affected Products : openssh
    • EPSS Score: %0.24
    • Published: Dec. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0559

    eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.... Read more

    Affected Products : etrust_intrusion_detection
    • EPSS Score: %0.12
    • Published: Jun. 07, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0275

    CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.... Read more

    Affected Products : cryptoadmin
    • EPSS Score: %0.32
    • Published: Apr. 10, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-2040

    Multiple cross-site scripting (XSS) vulnerabilities in the (1) callback_multicheck, (2) callback_radio, and (3) callback_wysiwygin functions in mfrh_class.settings-api.php in the Media File Renamer plugin 1.7.0 for WordPress allow remote authenticated use... Read more

    Affected Products : media_file_renamer
    • EPSS Score: %0.15
    • Published: Mar. 03, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2000-0462

    ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.14
    • Published: May. 28, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1302

    The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a prob... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.72
    • Published: Jul. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4691

    imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is us... Read more

    Affected Products : netbsd
    • EPSS Score: %0.08
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0770

    romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.... Read more

    Affected Products : debian_linux emulator
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0605

    Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords.... Read more

    Affected Products : courseinfo
    • EPSS Score: %0.13
    • Published: Jul. 10, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1141

    Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system.... Read more

    Affected Products : mantrap
    • EPSS Score: %0.12
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1892

    NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.... Read more

    Affected Products : fvs318
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0445

    The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.... Read more

    Affected Products : pgp
    • EPSS Score: %0.26
    • Published: May. 24, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1122

    Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.... Read more

    Affected Products : windows_nt
    • EPSS Score: %0.30
    • Published: Aug. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-5187

    Cross-site scripting (XSS) vulnerability in the Support Ticketing System module 6.x-1.x before 6.x-1.7 for Drupal allows remote authenticated users with the "administer support projects" permission to inject arbitrary web script or HTML via unspecified ve... Read more

    Affected Products : drupal support
    • EPSS Score: %0.34
    • Published: Sep. 20, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 292228 Results