Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-1364

    Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0547

    Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion).... Read more

    Affected Products : isa_server
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-1234

    The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process.... Read more

    Affected Products : paratrooper-newrelic
    • Published: Jan. 10, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-1233

    The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process.... Read more

    Affected Products : paratrooper-pingdom
    • Published: Jan. 10, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2000-0008

    FTPPro allows local users to read sensitive information, which is stored in plain text.... Read more

    Affected Products : ftppro
    • Published: Dec. 26, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1676

    BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext un... Read more

    Affected Products : netrc netinventory
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1146

    Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1011

    LetterMerger 1.2 stores user information in Access database files with insecure permissions, which allows local users to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party i... Read more

    Affected Products : lettermerger
    • Published: Mar. 06, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1270

    Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call.... Read more

    Affected Products : mac_os_x
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-8733

    Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.... Read more

    Affected Products : cloudera_manager
    • Published: Feb. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-0923

    The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renam... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-2031

    smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.... Read more

    Affected Products : opensolaris
    • Published: Jun. 11, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2013-1956

    The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions vi... Read more

    Affected Products : linux_kernel
    • Published: Apr. 24, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-4492

    Multiple cross-site scripting (XSS) vulnerabilities in the Shorten URLs module 6.x-1.x before 6.x-1.13 and 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified v... Read more

    Affected Products : drupal shorten
    • Published: Oct. 31, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2014-6147

    IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors.... Read more

    Affected Products : flex_system_manager
    • Published: Feb. 19, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-2436

    Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.... Read more

    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2879

    Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encryption scheme to encrypt passwords, which allows local users to gain sensitive information and bypass USB interface protection.... Read more

    Affected Products : usb_lock_auto-protect
    • Published: Sep. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3782

    Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1844

    The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.... Read more

    Affected Products : shadow base-config
    • Published: Apr. 19, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2605

    aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.... Read more

    Affected Products : astats
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293611 Results