Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-3112

    The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.... Read more

    Affected Products : breeze
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2750

    Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed.... Read more

    Affected Products : mac_os_x_server
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1842

    VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a syml... Read more

    Affected Products : version_cue
    • Published: Aug. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1785

    Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear... Read more

    Affected Products : document_server
    • Published: Apr. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0267

    The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp.... Read more

    Affected Products : inoculateit
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4380

    MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.... Read more

    Affected Products : mysql
    • Published: Aug. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0350

    SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring.... Read more

    Affected Products : spidersales
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3119

    Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2024-53698

    A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2008-0889

    Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.... Read more

    Affected Products : enterprise_linux directory_server
    • Published: Mar. 20, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-1033

    The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment var... Read more

    Affected Products : cups mac_os_x mac_os_x_server
    • Published: Jun. 02, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2024-53699

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2025-27726

    Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product'... Read more

    Affected Products :
    • Published: Mar. 28, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Path Traversal

  • 2.1

    LOW
    CVE-2025-30371

    Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to circumvention of local link access protection in GeoJson endpoint. Self hosted Metabase instances that are us... Read more

    Affected Products : metabase
    • Published: Mar. 28, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Misconfiguration

  • 2.1

    LOW
    CVE-2024-53697

    An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed ... Read more

    Affected Products : quts_hero qts
    • Published: Mar. 07, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 2.1

    LOW
    CVE-2001-0156

    VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.... Read more

    Affected Products : vshell
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1892

    NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.... Read more

    Affected Products : fvs318
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1224

    Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen.... Read more

    Affected Products : weblogic_server
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3901

    Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the phys... Read more

    Affected Products : linux_kernel software_suspend_2
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2002-1970

    SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.... Read more

    Affected Products : snortcenter
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293544 Results