Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2010-4083

    The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC... Read more

    • EPSS Score: %0.09
    • Published: Nov. 30, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-1952

    Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service ... Read more

    Affected Products : xen
    • EPSS Score: %0.07
    • Published: May. 13, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-4535

    Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."... Read more

    Affected Products : xen
    • EPSS Score: %0.11
    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-4419

    The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different ... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.08
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2012-6542

    The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverag... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.09
    • Published: Mar. 15, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-4369

    The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration.... Read more

    Affected Products : xen
    • EPSS Score: %0.06
    • Published: Oct. 17, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2005-3126

    The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files.... Read more

    Affected Products : antiword
    • EPSS Score: %0.06
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 1.9

    LOW
    CVE-2015-0430

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.08
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1197

    cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.... Read more

    Affected Products : cpio
    • EPSS Score: %3.33
    • Published: Feb. 19, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-2803

    The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potent... Read more

    • EPSS Score: %0.08
    • Published: Sep. 08, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-2192

    The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.... Read more

    Affected Products : pmount
    • EPSS Score: %0.03
    • Published: Jun. 18, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-3153

    dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.... Read more

    Affected Products : ubuntu_linux lightdm
    • EPSS Score: %0.05
    • Published: Mar. 06, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-0245

    D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race... Read more

    Affected Products : dbus opensuse
    • EPSS Score: %0.04
    • Published: Feb. 13, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-1420

    Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a fil... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.04
    • Published: Mar. 16, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2012-2934

    Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across... Read more

    Affected Products : xen
    • EPSS Score: %0.16
    • Published: Dec. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-1568

    The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dep... Read more

    Affected Products : enterprise_linux fedora
    • EPSS Score: %0.05
    • Published: Mar. 01, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2015-0413

    Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.... Read more

    • EPSS Score: %0.10
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2011-1098

    Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.... Read more

    Affected Products : logrotate
    • EPSS Score: %0.04
    • Published: Mar. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2015-1096

    IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2015-6563

    The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction... Read more

    Affected Products : openssh mac_os_x
    • EPSS Score: %0.09
    • Published: Aug. 24, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291305 Results