Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2003-0175

    SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.... Read more

    Affected Products : irix
    • EPSS Score: %0.10
    • Published: Feb. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2022

    ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a sta... Read more

    Affected Products : activeperl
    • EPSS Score: %1.74
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-5470

    Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.... Read more

    Affected Products : expression_media
    • EPSS Score: %1.25
    • Published: Oct. 16, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2012-1640

    Multiple cross-site scripting (XSS) vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 for Drupal allow remote authenticated users with "administer managesite" permissions to inject arbitrary web script or HTML via the title parameter when (1... Read more

    Affected Products : drupal managesite
    • EPSS Score: %0.25
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-3273

    EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information by r... Read more

    • EPSS Score: %0.05
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1774

    WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows local users to write arbitrary files on a davfs2 mounted filesystem.... Read more

    Affected Products : davfs2
    • EPSS Score: %0.05
    • Published: May. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2280

    syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-9418

    The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.... Read more

    Affected Products : espace_desktop
    • EPSS Score: %0.23
    • Published: Dec. 24, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2004-2169

    Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request.... Read more

    Affected Products : a-a-s_application_access_server
    • EPSS Score: %0.23
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1499

    named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.... Read more

    Affected Products : bind
    • EPSS Score: %0.19
    • Published: Apr. 10, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1407

    ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.... Read more

    Affected Products : linux
    • EPSS Score: %0.14
    • Published: Mar. 09, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0828

    The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.08
    • Published: Nov. 03, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1540

    shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.... Read more

    Affected Products : shell-lock
    • EPSS Score: %0.07
    • Published: Oct. 04, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-2207

    The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.06
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-1999-1173

    Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlin... Read more

    Affected Products : wordperfect
    • EPSS Score: %0.14
    • Published: Dec. 18, 1998
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4352

    The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then ... Read more

    Affected Products : linux_kernel netbsd
    • EPSS Score: %0.11
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0907

    sccw allows local users to read arbitrary files.... Read more

    Affected Products : soundcard_cw
    • EPSS Score: %0.12
    • Published: Sep. 16, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3067

    sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.... Read more

    Affected Products : opensuse opensuse
    • EPSS Score: %0.06
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-2135

    cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.46
    • Published: May. 26, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-2327

    Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows local users to affect confidentiality via unknown vectors related to Delegated Administrator.... Read more

    Affected Products : sun_products_suite
    • EPSS Score: %0.18
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292228 Results