Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.7

    LOW
    CVE-2025-43866

    vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictabl... Read more

    Affected Products : vantage6
    • Published: Jun. 12, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Cryptography

  • 1.7

    LOW
    CVE-2011-0796

    Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.08
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2009-0905

    IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.05
    • Published: Oct. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-6655

    The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs fi... Read more

    Affected Products : netbsd
    • EPSS Score: %0.06
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2013-5874

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging.... Read more

    Affected Products : e-business_suite
    • EPSS Score: %0.08
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-6107

    Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).... Read more

    Affected Products : d-bus
    • EPSS Score: %0.10
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2006-1601

    Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors.... Read more

    Affected Products : cluster
    • EPSS Score: %0.07
    • Published: Apr. 04, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2025-43863

    vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password ... Read more

    Affected Products : vantage6
    • Published: Jun. 12, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Authentication

  • 1.7

    LOW
    CVE-2011-2312

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, related to ZFS.... Read more

    Affected Products : solaris
    • EPSS Score: %0.15
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2011-0790

    Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality via unknown vectors related to wbem.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.05
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-3215

    Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect confidentiality via unknown vectors related to Kernel.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2008-1754

    Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.... Read more

    Affected Products : altiris_deployment_solution
    • EPSS Score: %0.08
    • Published: Apr. 11, 2008
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2010-3406

    Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Sep. 16, 2010
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2011-2291

    Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unknown vectors related to Trusted Extensions.... Read more

    Affected Products : sunos solaris
    • EPSS Score: %0.06
    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2012-0075

    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.42
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2006-6510

    An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.... Read more

    Affected Products : sitekiosk
    • EPSS Score: %0.08
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2006-0386

    FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2014-1444

    The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN ca... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: Jan. 18, 2014
    • Modified: Apr. 11, 2025

  • 1.7

    LOW
    CVE-2007-3700

    Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local u... Read more

    Affected Products : java_system_access_manager
    • EPSS Score: %0.06
    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 1.7

    LOW
    CVE-2007-0288

    Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.... Read more

    Affected Products : application_server
    • EPSS Score: %0.37
    • Published: Jan. 17, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 291275 Results