Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2009-5084

    IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive inf... Read more

    Affected Products : tivoli_federated_identity_manager
    • EPSS Score: %0.05
    • Published: Aug. 12, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-5204

    Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.... Read more

    Affected Products : webboard
    • EPSS Score: %0.37
    • Published: Oct. 04, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-0700

    The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly store credentials, which allows local users to bypass intended access restrictions via unspecified vectors.... Read more

    • EPSS Score: %0.05
    • Published: Jan. 31, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2008-2143

    Unspecified versions of Microsoft Outlook Web Access (OWA) use the Cache-Control: no-cache HTTP directive instead of no-store, which might cause web browsers that follow RFC-2616 to cache sensitive information.... Read more

    Affected Products : outlook_web_access
    • EPSS Score: %0.46
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2012-3116

    Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : supply_chain_products_suite
    • EPSS Score: %0.09
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2006-1810

    Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the (1) ICQ, (2) AIM, (3) MSN, (4) Google Talk, (5) Website Name, (6) Website Address, (7) Email Address, (8) Locati... Read more

    Affected Products : flexbb
    • EPSS Score: %0.20
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2011-5119

    Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors.... Read more

    Affected Products : comodo_internet_security
    • EPSS Score: %0.04
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-5036

    The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs.... Read more

    Affected Products : eucalyptus
    • EPSS Score: %0.06
    • Published: Sep. 05, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1901

    The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands.... Read more

    Affected Products : infosphere_information_server
    • EPSS Score: %0.06
    • Published: Jun. 28, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2002-2283

    Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users.... Read more

    Affected Products : windows_xp
    • EPSS Score: %1.92
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2015-2580

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.... Read more

    Affected Products : solaris
    • EPSS Score: %0.22
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-3785

    The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.09
    • Published: Oct. 09, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-2534

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerabil... Read more

    • EPSS Score: %0.60
    • Published: Sep. 09, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-0058

    The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.... Read more

    • EPSS Score: %0.06
    • Published: Feb. 26, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2013-7336

    The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirt... Read more

    Affected Products : opensuse libvirt
    • EPSS Score: %0.07
    • Published: May. 07, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-4448

    House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 22, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-4447

    Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs.... Read more

    Affected Products : os_x_server
    • EPSS Score: %0.14
    • Published: Oct. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2014-1352

    Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.07
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2008-6722

    Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID,... Read more

    Affected Products : access_manager
    • EPSS Score: %0.06
    • Published: Apr. 14, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2008-5107

    The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.... Read more

    Affected Products : presentation_server desktop_server
    • EPSS Score: %0.10
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291293 Results