Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2000-0368

    Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.... Read more

    Affected Products : ios
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-5914

    An unspecified function in the JavaScript implementation in Apple Safari creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up ... Read more

    Affected Products : safari
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2001-1066

    ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : solaris
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1709

    Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users.... Read more

    Affected Products : rainbow_ikey2032_usb_token
    • Published: Aug. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2013-5837

    Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.0.3, and 5.0.4 allows remote authenticated us... Read more

    Affected Products : industry_applications
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2001-0914

    Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.... Read more

    Affected Products : linux_kernel suse_linux
    • Published: Nov. 21, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0666

    Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.... Read more

    Affected Products : exchange_server
    • Published: Oct. 30, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1142

    Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1140

    Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-3264

    The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.... Read more

    Affected Products : identity_manager
    • Published: Sep. 08, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2000-0879

    LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-3999

    Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.... Read more

    Affected Products : ccleaner
    • Published: May. 20, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2024-50401

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modif... Read more

    Affected Products : quts_hero qts
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024

  • 2.1

    LOW
    CVE-2024-50399

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modif... Read more

    Affected Products : quts_hero qts
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024

  • 2.1

    LOW
    CVE-2024-50349

    Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential h... Read more

    Affected Products : git
    • Published: Jan. 14, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Information Disclosure

  • 2.1

    LOW
    CVE-2024-50400

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modif... Read more

    Affected Products : quts_hero qts
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024

  • 2.1

    LOW
    CVE-2024-50403

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modif... Read more

    Affected Products : quts_hero qts
    • Published: Dec. 06, 2024
    • Modified: Dec. 06, 2024

  • 2.1

    LOW
    CVE-2024-51753

    The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default `debug` flag, is enabled. Thi... Read more

    Affected Products :
    • Published: Nov. 05, 2024
    • Modified: Nov. 06, 2024

  • 2.1

    LOW
    CVE-2024-50398

    A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modif... Read more

    Affected Products : quts_hero qts
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024

  • 2.1

    LOW
    CVE-2005-1841

    The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.... Read more

    Affected Products : acrobat_reader
    • Published: Jul. 07, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293515 Results