Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.7

    LOW
    CVE-2015-4767

    Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.... Read more

    Affected Products : ubuntu_linux mysql
    • EPSS Score: %0.82
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2013-5885

    Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity via unknown vectors related to Audit.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.12
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2013-0982

    The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattend... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • EPSS Score: %0.05
    • Published: Jun. 05, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-0554

    Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2013-2997

    IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout action, which allows remote attackers to hijack sessions by leveraging an unattended workstation.... Read more

    Affected Products : security_appscan
    • EPSS Score: %0.08
    • Published: Sep. 08, 2013
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-5749

    The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2016-0609

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to... Read more

    • EPSS Score: %0.86
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2011-2291

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unknown vectors related to Trusted Extensions.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2010-3406

    Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Sep. 16, 2010
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2015-0498

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.... Read more

    Affected Products : mysql
    • EPSS Score: %0.39
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2009-1990

    Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : application_server
    • EPSS Score: %0.11
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2012-0174

    Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly enforce firewall rules for outbound broadcast packets, which allows remote attackers to obtain potentially ... Read more

    • EPSS Score: %0.96
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-0494

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.... Read more

    Affected Products : mysql
    • EPSS Score: %0.06
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2016-0405

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect confidentiality via vectors related to Cluster Manageability and Serviceability.... Read more

    • EPSS Score: %0.14
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2025-30218

    Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, eve... Read more

    Affected Products : next.js
    • Published: Apr. 02, 2025
    • Modified: Apr. 07, 2025

  • 1.7

    LOW
    CVE-2025-52570

    Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025

  • 1.7

    LOW
    CVE-2025-52884

    RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the `S... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025

  • 1.7

    LOW
    CVE-2009-0905

    IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.05
    • Published: Oct. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2014-2603

    Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors.... Read more

    • EPSS Score: %0.25
    • Published: May. 10, 2014
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2011-3539

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.10
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291129 Results