Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-0812

    Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.... Read more

    • Published: Apr. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0727

    Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.... Read more

    Affected Products : database_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2100

    The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).... Read more

    • Published: Oct. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0019

    Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.... Read more

    Affected Products : arrowpoint content_services_switch
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3825

    The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication.... Read more

    Affected Products : solaris
    • Published: Jul. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1144

    Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1560

    Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.... Read more

    Affected Products : windows_2000 windows_xp
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1387

    iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak.... Read more

    Affected Products : linux iptables
    • Published: Nov. 05, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0798

    Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.... Read more

    Affected Products : hp-ux
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0806

    Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.... Read more

    Affected Products : bugzilla
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0214

    Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the ... Read more

    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1190

    imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file.... Read more

    Affected Products : imwheel
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1340

    Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.... Read more

    Affected Products : debian_linux
    • Published: Jan. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3124

    syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : thttpd
    • Published: Nov. 06, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1517

    RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOT... Read more

    Affected Products : windows_2000
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1108

    qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.... Read more

    Affected Products : linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0928

    WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.... Read more

    Affected Products : diskadvisor
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1259

    Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.... Read more

    Affected Products : office
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0970

    The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.... Read more

    Affected Products : gzip
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0662

    scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.... Read more

    Affected Products : linux scrollkeeper
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293298 Results