Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2011-2722

    The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.... Read more

    • EPSS Score: %0.03
    • Published: May. 25, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-4028

    The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.... Read more

    Affected Products : x_server
    • EPSS Score: %0.11
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2014-3537

    The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.... Read more

    Affected Products : cups ubuntu_linux fedora
    • EPSS Score: %0.05
    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2013-4476

    Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the... Read more

    Affected Products : samba
    • EPSS Score: %0.23
    • Published: Nov. 13, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-0050

    snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file.... Read more

    Affected Products : debian_linux
    • EPSS Score: %0.06
    • Published: Mar. 23, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-5297

    Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.... Read more

    Affected Products : mutt
    • EPSS Score: %0.08
    • Published: Oct. 16, 2006
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-0591

    The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen... Read more

    Affected Products : crypt_blowfish
    • EPSS Score: %0.09
    • Published: Feb. 08, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1695

    The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].... Read more

    Affected Products : fbida
    • EPSS Score: %0.07
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-5298

    The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition b... Read more

    Affected Products : mutt
    • EPSS Score: %0.06
    • Published: Oct. 16, 2006
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2001-0138

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    • EPSS Score: %0.08
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1066

    Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack du... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 27, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-4232

    Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.... Read more

    Affected Products : globus_toolkit
    • EPSS Score: %0.07
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2013-2217

    cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.... Read more

    Affected Products : enterprise_linux opensuse suds
    • EPSS Score: %0.07
    • Published: Sep. 23, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2007-2453

    The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator t... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Jun. 11, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2003-0120

    adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.... Read more

    Affected Products : mhc-utils
    • EPSS Score: %0.18
    • Published: Mar. 07, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-3440

    The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation.... Read more

    Affected Products : iphone_os ipad2
    • EPSS Score: %0.06
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2009-1707

    Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors.... Read more

    Affected Products : safari
    • EPSS Score: %0.07
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2007-0833

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to... Read more

    Affected Products : workstation
    • EPSS Score: %0.05
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0760

    Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, wh... Read more

    Affected Products : bzip2
    • EPSS Score: %0.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291222 Results