Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-2725

    The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.... Read more

    Affected Products : rtos
    • Published: Aug. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2612

    Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prom... Read more

    Affected Products : client
    • Published: May. 26, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3531

    fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.... Read more

    Affected Products : fuse
    • Published: Nov. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3146

    StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : suse_linux storebackup
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0977

    The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.... Read more

    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4778

    The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions.... Read more

    Affected Products : suse_linux suse_sled_beagle
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0732

    The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.... Read more

    Affected Products : debian_linux
    • Published: Aug. 19, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0365

    The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : enterprise_linux kde
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2663

    masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.... Read more

    Affected Products : masqmail masqmail
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3356

    The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a den... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2554

    The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.... Read more

    Affected Products : epolicy_orchestrator_agent
    • Published: Aug. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0201

    D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.... Read more

    Affected Products : enterprise_linux d-bus
    • Published: Jun. 29, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3179

    drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1016

    The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadloc... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1032

    fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly... Read more

    Affected Products : linux fcron
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-5751

    Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.... Read more

    Affected Products : liferea
    • Published: Oct. 31, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-0072

    zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.... Read more

    Affected Products : zhcon
    • Published: Jan. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1400

    Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).... Read more

    Affected Products : linux_kernel linux
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0461

    /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.... Read more

    Affected Products : linux
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-2679

    Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading t... Read more

    Affected Products : rhncfg
    • Published: Oct. 22, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293639 Results