Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.5

    LOW
    CVE-2013-4355

    Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 1.5

    LOW
    CVE-2007-3381

    The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of serv... Read more

    Affected Products : gdm
    • EPSS Score: %0.08
    • Published: Aug. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.4

    LOW
    CVE-2016-0618

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.... Read more

    Affected Products : solaris
    • EPSS Score: %0.08
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.4

    LOW
    CVE-2014-2485

    Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services.... Read more

    Affected Products : siebel_crm
    • EPSS Score: %0.18
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 1.3

    LOW
    CVE-2015-5464

    The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.... Read more

    • EPSS Score: %0.06
    • Published: Jul. 22, 2015
    • Modified: Apr. 12, 2025

  • 1.3

    LOW
    CVE-2025-53904

    The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/admin.js` contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication.... Read more

    Affected Products :
    • Published: Jul. 16, 2025
    • Modified: Jul. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 1.3

    LOW
    CVE-2025-53903

    The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/users.js` doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac2... Read more

    Affected Products :
    • Published: Jul. 15, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 1.3

    LOW
    CVE-2011-2242

    Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.... Read more

    Affected Products : database_server
    • EPSS Score: %0.30
    • Published: Jul. 20, 2011
    • Modified: Apr. 11, 2025

  • 1.3

    LOW
    CVE-2025-46826

    insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information (name and number). However, the issue posed minimal ri... Read more

    Affected Products :
    • Published: May. 07, 2025
    • Modified: May. 08, 2025
    • Vuln Type: Information Disclosure

  • 1.3

    LOW
    CVE-2025-53374

    Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organiza... Read more

    Affected Products :
    • Published: Jul. 07, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Information Disclosure

  • 1.2

    LOW
    CVE-2003-0120

    adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.... Read more

    Affected Products : mhc-utils
    • EPSS Score: %0.18
    • Published: Mar. 07, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-0448

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.... Read more

    Affected Products : perl
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-3011

    The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : texinfo
    • EPSS Score: %0.04
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1066

    Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack du... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 27, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0119

    getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • EPSS Score: %0.07
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-2666

    SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a lis... Read more

    Affected Products : openssh
    • EPSS Score: %0.15
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0120

    useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • EPSS Score: %0.07
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2014-3537

    The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.... Read more

    Affected Products : cups ubuntu_linux fedora
    • EPSS Score: %0.05
    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2005-1368

    The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2013-2217

    cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.... Read more

    Affected Products : enterprise_linux opensuse suds
    • EPSS Score: %0.07
    • Published: Sep. 23, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291216 Results