Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.4

    LOW
    CVE-2014-2485

    Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services.... Read more

    Affected Products : siebel_crm
    • EPSS Score: %0.18
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 1.4

    LOW
    CVE-2016-0618

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.08
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.3

    LOW
    CVE-2025-46826

    insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information (name and number). However, the issue posed minimal ri... Read more

    Affected Products :
    • Published: May. 07, 2025
    • Modified: May. 08, 2025

  • 1.3

    LOW
    CVE-2025-53904

    The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/admin.js` contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication.... Read more

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 17, 2025

  • 1.3

    LOW
    CVE-2025-53374

    Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organiza... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025

  • 1.3

    LOW
    CVE-2011-2242

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.... Read more

    Affected Products : database_server
    • EPSS Score: %0.30
    • Published: Jul. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.3

    LOW
    CVE-2015-5464

    The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.... Read more

    • EPSS Score: %0.06
    • Published: Jul. 22, 2015
    • Modified: Apr. 12, 2025

  • 1.3

    LOW
    CVE-2025-53903

    The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/users.js` doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac2... Read more

    Affected Products :
    • Published: Jul. 15, 2025
    • Modified: Jul. 15, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0760

    Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, wh... Read more

    Affected Products : bzip2
    • EPSS Score: %0.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-2231

    Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files.... Read more

    Affected Products : installanywhere
    • EPSS Score: %0.10
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0271

    Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.... Read more

    Affected Products : gnat_pro_native
    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-1042

    Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.... Read more

    Affected Products : resource_manager
    • EPSS Score: %0.21
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1396

    Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.... Read more

    Affected Products : ce_ceterm
    • EPSS Score: %0.17
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2014-6134

    IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sens... Read more

    • EPSS Score: %0.12
    • Published: Mar. 25, 2015
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2006-1167

    SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.... Read more

    Affected Products : propack
    • EPSS Score: %0.07
    • Published: Feb. 06, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2001-0095

    catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.... Read more

    Affected Products : sunos
    • EPSS Score: %0.14
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1066

    Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : enterprise_linux pine
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1286

    Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.... Read more

    Affected Products : bitdefender_antivirus
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2025-48382

    Fess is a deployable Enterprise Search Server. Prior to version 14.19.2, the createTempFile() method in org.codelibs.fess.helper.SystemHelper creates temporary files without explicitly setting restrictive permissions. This could lead to potential informat... Read more

    Affected Products : fess
    • Published: May. 27, 2025
    • Modified: May. 28, 2025
Showing 20 of 291157 Results