Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2007-3720

    The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that re... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-5417

    HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) S... Read more

    Affected Products : decnet_plus_for_openvms openvms
    • EPSS Score: %0.08
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-4394

    Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Linux 10.0 and 10.1 and Enterprise Server 9 and 10 before 20070810 allows local users to delete of arbitrary files via unknown vectors.... Read more

    Affected Products : suse_linux suse_linux
    • EPSS Score: %0.04
    • Published: Aug. 17, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-4898

    Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: S... Read more

    Affected Products : xwiki
    • EPSS Score: %0.05
    • Published: Sep. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-6680

    Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy.... Read more

    Affected Products : aix
    • EPSS Score: %0.07
    • Published: Jan. 10, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-6267

    Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.... Read more

    • EPSS Score: %0.08
    • Published: Dec. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5701

    Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca un... Read more

    Affected Products : lotus_domino
    • EPSS Score: %0.05
    • Published: Oct. 29, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5086

    Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (... Read more

    • EPSS Score: %0.06
    • Published: Sep. 26, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-7207

    RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php.... Read more

    Affected Products : rivettracker
    • EPSS Score: %0.06
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-2796

    The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5040

    Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey,... Read more

    Affected Products : ghost_security_suite
    • EPSS Score: %0.06
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5827

    iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.... Read more

    Affected Products : debian_linux iscsitarget
    • EPSS Score: %0.05
    • Published: Nov. 05, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-2159

    Microsoft Internet Explorer 7 can save encrypted pages in the cache even when the DisableCachingOfSSLPages registry setting is enabled, which might allow local users to obtain sensitive information.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %0.84
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5039

    Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, ... Read more

    Affected Products : ghost_security_suite
    • EPSS Score: %0.07
    • Published: Sep. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3722

    The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3706

    The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.... Read more

    Affected Products : codeigniter
    • EPSS Score: %0.16
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-1431

    RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key.... Read more

    Affected Products : firmware nas-4220-b
    • EPSS Score: %0.04
    • Published: Mar. 20, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-3488

    Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a differe... Read more

    Affected Products : drupal bibliography
    • EPSS Score: %0.20
    • Published: Sep. 30, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2025-0883

    Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager.  The vulnerability could reveal sensitive information retained by the browser. This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80.... Read more

    Affected Products :
    • Published: Mar. 12, 2025
    • Modified: Mar. 12, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2020-14541

    Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via ... Read more

    • EPSS Score: %0.22
    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291578 Results