Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-1270

    The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : rootkit_hunter
    • Published: Apr. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0656

    eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.... Read more

    Affected Products : eroaster
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2563

    The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.... Read more

    Affected Products : php
    • Published: May. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3619

    Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Sep. 16, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1420

    MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and... Read more

    Affected Products : mysql mysql
    • Published: Mar. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-0966

    NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow.... Read more

    Affected Products : secure_client
    • Published: Mar. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0977

    The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3069

    xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the xferfax$$ temporary file.... Read more

    Affected Products : hylafax
    • Published: Sep. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0531

    The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3123

    Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by a... Read more

    Affected Products : cryptographic_file_system
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3146

    StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : suse_linux storebackup
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1859

    Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak."... Read more

    Affected Products : linux_kernel
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1855

    choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.... Read more

    Affected Products : linux_kernel
    • Published: May. 18, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3311

    BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : software_control-m_agent
    • Published: Oct. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2221

    A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitro... Read more

    Affected Products : ejabberd install_builder
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3295

    Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."... Read more

    Affected Products : hp-ux
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1166

    The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4820

    Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.... Read more

    Affected Products : hp-ux
    • Published: Sep. 15, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0016

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.... Read more

    Affected Products : tor tor
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-3495

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 02, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293328 Results