Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2005-1368

    The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-2473

    wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : wmfrog
    • EPSS Score: %0.03
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-3551

    NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send ... Read more

    Affected Products : secure_client
    • EPSS Score: %0.07
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2025-48382

    Fess is a deployable Enterprise Search Server. Prior to version 14.19.2, the createTempFile() method in org.codelibs.fess.helper.SystemHelper creates temporary files without explicitly setting restrictive permissions. This could lead to potential informat... Read more

    Affected Products : fess
    • Published: May. 27, 2025
    • Modified: May. 28, 2025

  • 1.2

    LOW
    CVE-2024-49751

    Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 1.2

    LOW
    CVE-2002-0141

    Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file.... Read more

    Affected Products : maelstrom_gpl
    • EPSS Score: %0.19
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0154

    The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.... Read more

    Affected Products : unixware
    • EPSS Score: %0.29
    • Published: Feb. 16, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-1045

    nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.... Read more

    Affected Products : nss_ldap
    • EPSS Score: %0.28
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1396

    Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.... Read more

    Affected Products : ce_ceterm
    • EPSS Score: %0.17
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0371

    The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.... Read more

    Affected Products : kde
    • EPSS Score: %0.07
    • Published: Mar. 01, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-4415

    The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a d... Read more

    Affected Products : http_server
    • EPSS Score: %0.77
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-1781

    SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs s... Read more

    Affected Products : systemtap
    • EPSS Score: %0.06
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2001-0120

    useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • EPSS Score: %0.07
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-4232

    Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.... Read more

    Affected Products : globus_toolkit
    • EPSS Score: %0.07
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0119

    getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • EPSS Score: %0.07
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0760

    Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, wh... Read more

    Affected Products : bzip2
    • EPSS Score: %0.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2007-0833

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to... Read more

    Affected Products : workstation
    • EPSS Score: %0.05
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2004-2231

    Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files.... Read more

    Affected Products : installanywhere
    • EPSS Score: %0.10
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1073

    A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the fil... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.16
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291160 Results