Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2002-0080

    rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.... Read more

    Affected Products : rsync linux
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-4110

    The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully... Read more

    Affected Products : linux_kernel
    • Published: Jan. 27, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1397

    The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.... Read more

    Affected Products : linux_kernel linux
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2012-5560

    The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.... Read more

    Affected Products : mate-settings-daemon
    • Published: May. 30, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2001-1394

    Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.... Read more

    Affected Products : linux_kernel linux
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-2237

    The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from th... Read more

    Affected Products : linux_kernel
    • Published: Jul. 04, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0235

    Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.... Read more

    Affected Products : debian_linux
    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0809

    Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.... Read more

    Affected Products : hp-ux
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-2146

    mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to d... Read more

    Affected Products : esx esxi player workstation fusion
    • Published: Jun. 06, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-3435

    Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-1999-0524

    ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.... Read more

    Affected Products : linux_kernel aix ios macos hp-ux mac_os_x solaris netware windows tru64 +4 more products
    • Published: Aug. 01, 1997
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0524

    Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.... Read more

    Affected Products : gypsy
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0412

    Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.... Read more

    Affected Products : sunos solaris
    • Published: Apr. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2002-0389

    Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.... Read more

    Affected Products : mailman
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1056

    The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one... Read more

    Affected Products : linux_kernel enterprise_linux freebsd
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-4393

    journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.... Read more

    Affected Products : systemd systemd
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3214

    Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.... Read more

    Affected Products : fusion_middleware
    • Published: Oct. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1500

    PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file.... Read more

    Affected Products : pithos
    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2015-1127

    The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.... Read more

    Affected Products : safari
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2012-3178

    Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors.... Read more

    Affected Products : sunos solaris
    • Published: Jan. 17, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293621 Results