Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-6145

    CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknow... Read more

    Affected Products : crypto-server
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3654

    The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr... Read more

    Affected Products : netbsd
    • Published: Sep. 17, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3337

    wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.... Read more

    Affected Products : database_server
    • Published: Jun. 22, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3107

    The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clea... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3722

    The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that... Read more

    Affected Products : freebsd
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3725

    Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSe... Read more

    Affected Products : norton_personal_firewall
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-6551

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.... Read more

    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5394

    The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session.... Read more

    Affected Products : secure_desktop
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3787

    kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.... Read more

    Affected Products : personal_firewall
    • Published: Jul. 24, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3878

    Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.... Read more

    Affected Products : network_automation_system
    • Published: Jul. 27, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5724

    Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key.... Read more

    Affected Products : icq
    • Published: Nov. 04, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5806

    SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving f... Read more

    Affected Products : secure_desktop
    • Published: Nov. 08, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3912

    Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact.... Read more

    Affected Products : winrar
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-3284

    pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.... Read more

    Affected Products : openafs
    • Published: Aug. 12, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2006-5303

    Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading (1) base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and (2) plaintext... Read more

    Affected Products : safeword_remoteaccess
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6127

    Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 27, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0293

    aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp direct... Read more

    Affected Products : suse_linux
    • Published: May. 02, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1010

    An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.... Read more

    Affected Products : openssh
    • Published: Dec. 14, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0281

    Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message.... Read more

    Affected Products : napster_client
    • Published: Mar. 26, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1070

    Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters.... Read more

    Affected Products : mas_200
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 292823 Results