Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2013-2302

    TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain sensitive information belonging to arbitrary users by leveraging shell access, as demonstrated by a TELNET or SSH session to the server.... Read more

    Affected Products : active\!_mail
    • EPSS Score: %0.06
    • Published: Apr. 04, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-1775

    Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving th... Read more

    Affected Products : iphone_os ipod_touch
    • EPSS Score: %0.05
    • Published: Jun. 22, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3693

    NetSaro Enterprise Messenger Server 2.0 allows local users to discover cleartext server credentials by reading the NetSaro.fdb file.... Read more

    Affected Products : enterprise_messenger_server
    • EPSS Score: %0.06
    • Published: Sep. 27, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-1515

    Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application.... Read more

    Affected Products : android firefox
    • EPSS Score: %0.07
    • Published: Mar. 25, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2008-3876

    Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a ... Read more

    Affected Products : iphone
    • EPSS Score: %0.06
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2010-2371

    Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-2372.... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.07
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2003-1399

    eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information.... Read more

    Affected Products : eject
    • EPSS Score: %0.06
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2014-9415

    Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.... Read more

    Affected Products : espace_desktop
    • EPSS Score: %0.11
    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-3542

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB.... Read more

    Affected Products : solaris opensolaris
    • EPSS Score: %0.14
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-2619

    Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."... Read more

    Affected Products : xenserver
    • EPSS Score: %0.09
    • Published: Jul. 02, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-4693

    Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file.... Read more

    Affected Products : wonderware_intouch processsuite
    • EPSS Score: %0.08
    • Published: Dec. 18, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-0122

    The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zer... Read more

    Affected Products : avast\!_mobile_security
    • EPSS Score: %0.07
    • Published: Apr. 22, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3685

    Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution cipher to encrypt application credentials, which allows local users to obtain sensitive information by leveraging read access to (1) authentication.dat or (2) XML files in the Exports dire... Read more

    Affected Products : server_monitor
    • EPSS Score: %0.05
    • Published: Sep. 27, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-4822

    IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation.... Read more

    Affected Products : websphere_mq websphere_mq_explorer
    • EPSS Score: %0.05
    • Published: Oct. 19, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-0534

    The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within pr... Read more

    • EPSS Score: %0.05
    • Published: Jun. 21, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2007-4570

    Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.... Read more

    Affected Products : enterprise_linux mcstrans
    • EPSS Score: %0.07
    • Published: Nov. 10, 2007
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2007-1476

    The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of serv... Read more

    • EPSS Score: %0.27
    • Published: Mar. 16, 2007
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2024-53995

    SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint's `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the ... Read more

    Affected Products :
    • Published: Jan. 08, 2025
    • Modified: Jan. 08, 2025
    • Vuln Type: Authentication

  • 1.9

    LOW
    CVE-2012-4508

    Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Dec. 21, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-6544

    The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI ... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.08
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291209 Results