Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.7

    LOW
    CVE-2006-5749

    The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2013-2997

    IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.... Read more

    Affected Products : security_appscan
    • EPSS Score: %0.08
    • Published: Sep. 08, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-6510

    An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.... Read more

    Affected Products : sitekiosk
    • EPSS Score: %0.08
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2006-0386

    FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2006-6655

    The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs fi... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2011-0796

    Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.08
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-4642

    AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.... Read more

    Affected Products : auditwizard
    • EPSS Score: %0.07
    • Published: Sep. 08, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2002-0415

    Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.... Read more

    Affected Products : realplayer
    • EPSS Score: %0.37
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2015-1009

    Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.... Read more

    Affected Products : intouch web_studio
    • EPSS Score: %0.11
    • Published: Aug. 01, 2015
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2011-3539

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.10
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2009-3401

    Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.23
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2006-6107

    Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).... Read more

    Affected Products : d-bus
    • EPSS Score: %0.10
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2025-30218

    Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, eve... Read more

    Affected Products : next.js
    • Published: Apr. 02, 2025
    • Modified: Apr. 07, 2025

  • 1.7

    LOW
    CVE-2006-0554

    Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2015-4767

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.... Read more

    Affected Products : ubuntu_linux mysql
    • EPSS Score: %0.82
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2007-0287

    Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08.... Read more

    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-0288

    Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.... Read more

    Affected Products : application_server
    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-3700

    Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local u... Read more

    Affected Products : java_system_access_manager
    • EPSS Score: %0.06
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2016-0609

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to... Read more

    • EPSS Score: %0.86
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2013-5885

    Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity via unknown vectors related to Audit.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.12
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025
Showing 20 of 291128 Results