Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 1.9

    LOW
    CVE-2015-3785

    The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.09
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025
  • 1.9

    LOW
    CVE-2013-5187

    The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitiv... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2015-2580

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more

    Affected Products : solaris
    • EPSS Score: %0.22
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025
  • 1.9

    LOW
    CVE-2015-2534

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more

    • EPSS Score: %0.60
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025
  • 1.9

    LOW
    CVE-2012-0218

    Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a ... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: Dec. 03, 2012
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2010-4083

    The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC... Read more

    • EPSS Score: %0.09
    • Published: Nov. 30, 2010
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2011-3153

    dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.... Read more

    Affected Products : ubuntu_linux lightdm
    • EPSS Score: %0.05
    • Published: Mar. 06, 2014
    • Modified: Apr. 12, 2025
  • 1.9

    LOW
    CVE-2009-2948

    mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the pa... Read more

    Affected Products : samba
    • EPSS Score: %0.16
    • Published: Oct. 07, 2009
    • Modified: Apr. 09, 2025
  • 1.9

    LOW
    CVE-2009-3556

    A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_dele... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.03
    • Published: Jan. 27, 2010
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2007-0473

    The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information (/etc/sudoers contents) by reading this file.... Read more

    Affected Products : smb4k
    • EPSS Score: %0.06
    • Published: Feb. 03, 2007
    • Modified: Apr. 09, 2025
  • 1.9

    LOW
    CVE-2012-6539

    The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2012-6538

    The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADM... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.06
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2010-4075

    The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2013-1917

    Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not p... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: May. 13, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2010-4078

    The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FB... Read more

    • EPSS Score: %0.07
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2013-0541

    Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local us... Read more

    • EPSS Score: %0.05
    • Published: Apr. 24, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2010-4074

    The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, a... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.08
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2012-6549

    The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2013-1056

    X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.... Read more

    Affected Products : ubuntu_linux
    • EPSS Score: %0.05
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025
  • 1.9

    LOW
    CVE-2012-6540

    The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291384 Results