Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-0431

    Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP5 allows untrusted applications to obtain the server's SSL identity via unknown attack vectors.... Read more

    Affected Products : weblogic_server
    • Published: Jan. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0464

    Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.... Read more

    Affected Products : tripwire
    • Published: Jan. 04, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0293

    aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp direct... Read more

    Affected Products : suse_linux
    • Published: May. 02, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0424

    talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.... Read more

    Affected Products : communicator
    • Published: Mar. 18, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0446

    Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.... Read more

    Affected Products : netbsd
    • Published: Apr. 12, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4697

    The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.... Read more

    Affected Products : windows_xp
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3528

    The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0286

    X fontserver xfs allows local users to cause a denial of service via malformed input to the server.... Read more

    Affected Products : linux
    • Published: Apr. 16, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0375

    The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.... Read more

    Affected Products : freebsd
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0585

    A Windows NT administrator account has the default name of Administrator.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Jul. 01, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0615

    LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.... Read more

    Affected Products : lprng
    • Published: Jul. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0679

    The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.... Read more

    Affected Products : cvs
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0691

    The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.... Read more

    Affected Products : linux mgetty
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1092

    Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to al... Read more

    Affected Products : solaris sunos
    • Published: Mar. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0893

    userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.... Read more

    Affected Products : openserver
    • Published: Oct. 11, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0859

    Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 01, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0460

    Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 19, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0754

    Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.... Read more

    Affected Products : openview_network_node_manager
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0640

    Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaem... Read more

    Affected Products : undercover
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0650

    The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Tro... Read more

    Affected Products : netshield virusscan
    • Published: Jul. 11, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293557 Results