Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0417

    Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.... Read more

    Affected Products : kerberos_5 kerberos
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1332

    gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.... Read more

    Affected Products : linux
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0351

    Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.... Read more

    Affected Products : windows_2000
    • Published: Jul. 21, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0662

    scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.... Read more

    Affected Products : linux scrollkeeper
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0144

    Denial of service in Qmail by specifying a large number of recipients with the RCPT command.... Read more

    Affected Products : qmail
    • Published: Jun. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0378

    readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.... Read more

    Affected Products : openbsd
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0544

    IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table.... Read more

    Affected Products : internet_information_services
    • Published: Oct. 30, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0300

    oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.... Read more

    Affected Products : internet_directory
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-4974

    The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory v... Read more

    Affected Products : personal_firewall_ndis_filter
    • Published: Nov. 04, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2002-0214

    Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the ... Read more

    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2975

    Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.... Read more

    • Published: Aug. 10, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-2502

    im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file.... Read more

    Affected Products : im-switch
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1294

    Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors.... Read more

    Affected Products : coldfusion
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-1689

    sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.... Read more

    Affected Products : sudo
    • Published: Sep. 16, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0957

    MajorCool mj_key_cache program allows local users to modify files via a symlink attack.... Read more

    Affected Products : majorcool
    • Published: Jun. 18, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0832

    Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more

    Affected Products : database_server
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0327

    SGI syserr program allows local users to corrupt files.... Read more

    Affected Products : irix
    • Published: Nov. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-3488

    Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for Drupal allows remote authenticated users, with certain content-creation privileges, to inject arbitrary web script or HTML via the Title field, probably a differe... Read more

    Affected Products : drupal bibliography
    • Published: Sep. 30, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2004-2276

    F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass ini... Read more

    Affected Products : f-secure_anti-virus
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-4646

    The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.... Read more

    Affected Products : enterpise
    • Published: Oct. 22, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293186 Results