Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2011-1832

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.... Read more

    Affected Products : ecryptfs_utils ecryptfs-utils
    • Published: Feb. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1500

    PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file.... Read more

    Affected Products : pithos
    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1834

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount s... Read more

    Affected Products : ecryptfs_utils ecryptfs-utils
    • Published: Feb. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0124

    The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trig... Read more

    Affected Products : linux_kernel
    • Published: Apr. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3789

    Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.... Read more

    Affected Products : samba
    • Published: Aug. 27, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-3612

    The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive i... Read more

    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-1860

    lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.... Read more

    Affected Products : linux_kernel
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-0518

    VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.... Read more

    • Published: Apr. 06, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0740

    IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this fil... Read more

    Affected Products : websphere_application_server
    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0456

    The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Jun. 27, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-2797

    xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.... Read more

    Affected Products : enterprise_linux debian_linux xterm
    • Published: Aug. 27, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2008-0010

    The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5004

    Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.... Read more

    Affected Products : aix
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0582

    Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.... Read more

    Affected Products : heimdal
    • Published: Feb. 08, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1608

    The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.... Read more

    Affected Products : php
    • Published: Apr. 10, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4049

    Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files via unknown attack vectors.... Read more

    Affected Products : ray_server_software
    • Published: Aug. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4187

    Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : hp-ux
    • Published: Aug. 17, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3815

    heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.... Read more

    Affected Products : heartbeat
    • Published: Jul. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-5549

    Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 2007... Read more

    Affected Products : ios
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5373

    ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepasswor... Read more

    Affected Products : ldapscripts
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293262 Results