Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-1999-0105

    finger allows recursive searches by using a long string of @ symbols.... Read more

    Affected Products :
    • EPSS Score: %0.08
    • Published: Mar. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-6207

    Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Dec. 04, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-0570

    Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.09
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-0010

    The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.... Read more

    Affected Products : gtk
    • EPSS Score: %0.87
    • Published: Jan. 24, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-0961

    Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local us... Read more

    Affected Products : advanced_package_tool apt
    • EPSS Score: %0.05
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-0881

    Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.... Read more

    • EPSS Score: %0.13
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0207

    ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.... Read more

    Affected Products : gs-common
    • EPSS Score: %0.11
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5173

    Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Che... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.06
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-1172

    net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially se... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.04
    • Published: Jun. 22, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-1572

    cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.... Read more

    • EPSS Score: %0.11
    • Published: Jul. 16, 1996
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-4607

    PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.... Read more

    Affected Products : putty putty
    • EPSS Score: %0.06
    • Published: Aug. 23, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2003-0381

    Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.... Read more

    Affected Products : noweb
    • EPSS Score: %0.11
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-2585

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.36
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2015-6102

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection ... Read more

    • EPSS Score: %3.68
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2007-2448

    Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn ... Read more

    Affected Products : subversion subversion
    • EPSS Score: %0.25
    • Published: Jun. 14, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-3203

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-2690

    virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.... Read more

    Affected Products : libguestfs
    • EPSS Score: %0.05
    • Published: Jun. 29, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6206

    The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow... Read more

    • EPSS Score: %0.08
    • Published: Dec. 04, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2025-32699

    Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.... Read more

    Affected Products : mediawiki
    • Published: Apr. 10, 2025
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-4922

    cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.... Read more

    Affected Products : pidgin
    • EPSS Score: %0.11
    • Published: Aug. 08, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291736 Results