Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2012-3430

    The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg sy... Read more

    Affected Products : linux_kernel
    • Published: Oct. 03, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-1412

    nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1998

    Cross-site scripting (XSS) vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers.... Read more

    Affected Products : drupal tablefield
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-3402

    Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5174

    The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a b... Read more

    Affected Products : linux_kernel
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-2918

    The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of ... Read more

    Affected Products : thegreenbow_vpn_client
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-1785

    Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear... Read more

    Affected Products : document_server
    • Published: Apr. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2603

    RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack.... Read more

    • Published: Dec. 17, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-1475

    Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the... Read more

    Affected Products : windows_xp
    • Published: Mar. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-2796

    The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.... Read more

    Affected Products : iphone_os
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2014-4222

    Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect confidentiality via vectors related to plugin 1.1.... Read more

    Affected Products : http_server fusion_middleware
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2009-1292

    UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.... Read more

    Affected Products : aix rational_clearcase unix
    • Published: Apr. 14, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-1342

    net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Mar. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3341

    DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh.... Read more

    Affected Products : dns_package
    • Published: Dec. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-1958

    Cross-site scripting (XSS) vulnerability in the FileField module 5.x before 5.x-2.5 and 6.x before 6.x-3.4 for Drupal allows remote authenticated users, with create or edit permissions and 'Path to File' or 'URL to File' display enabled, to inject arbitra... Read more

    Affected Products : drupal filefield
    • Published: Jun. 21, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2013-1030

    mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process.... Read more

    Affected Products : mac_os_x
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2009-1435

    NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : officescan
    • Published: Apr. 27, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-1995

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with "Add new article" privileges, to inject arbitrary web script or HTML via the (1) title, (2) subTitle, and (3) author paramete... Read more

    Affected Products : tomatocms
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-1526

    Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB... Read more

    Affected Products : x11r6
    • Published: May. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-8133

    arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanis... Read more

    Affected Products : linux_kernel
    • Published: Dec. 17, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293352 Results