Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.7

    LOW
    CVE-2009-1990

    Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : application_server
    • EPSS Score: %0.11
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2012-3162

    Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows local users to affect confidentiality, related to MDS loading.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.35
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2016-0405

    Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect confidentiality via vectors related to Cluster Manageability and Serviceability.... Read more

    • EPSS Score: %0.14
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2011-3539

    Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.10
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2009-0905

    IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.05
    • Published: Oct. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2025-52570

    Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Authentication

  • 1.7

    LOW
    CVE-2025-52884

    RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the `S... Read more

    Affected Products :
    • Published: Jun. 24, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Misconfiguration

  • 1.7

    LOW
    CVE-2007-0287

    Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08.... Read more

    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-3700

    Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local u... Read more

    Affected Products : java_system_access_manager
    • EPSS Score: %0.06
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-0288

    Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.... Read more

    Affected Products : application_server
    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2011-2240

    Unspecified vulnerability in the Oracle Universal Installer component in Oracle Database Server 10.1.0.5 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : database_server
    • EPSS Score: %0.39
    • Published: Jul. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2014-1444

    The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN ca... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: Jan. 18, 2014
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-3215

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect confidentiality via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2025-43866

    vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictabl... Read more

    Affected Products : vantage6
    • Published: Jun. 12, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Cryptography

  • 1.7

    LOW
    CVE-2005-1976

    Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.... Read more

    Affected Products : netmail
    • EPSS Score: %0.07
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2025-43863

    vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password ... Read more

    Affected Products : vantage6
    • Published: Jun. 12, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Authentication

  • 1.7

    LOW
    CVE-2011-2312

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, related to ZFS.... Read more

    Affected Products : solaris
    • EPSS Score: %0.15
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2014-2603

    Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors.... Read more

    • EPSS Score: %0.25
    • Published: May. 10, 2014
    • Modified: Apr. 12, 2025

  • 1.7

    LOW
    CVE-2006-0956

    nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server.... Read more

    Affected Products : nufw_firewall
    • EPSS Score: %0.24
    • Published: Mar. 02, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2007-0294

    Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has unknown impact and attack vectors related to Database Cloning & Data Guard Management, aka EM06.... Read more

    Affected Products : enterprise_manager
    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291258 Results