Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-2477

    DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe.... Read more

    Affected Products : process_guard_free
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2751

    memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 01, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2454

    aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml.... Read more

    Affected Products : amsn
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0596

    PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.... Read more

    Affected Products : php
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2664

    Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory.... Read more

    Affected Products : whisper32
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0580

    cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file.... Read more

    Affected Products : cmd5checkpw
    • Published: Feb. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3575

    Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields.... Read more

    Affected Products : virusscan
    • Published: Jul. 13, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0625

    reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.... Read more

    Affected Products : reportbug
    • Published: Feb. 28, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1126

    The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory.... Read more

    Affected Products : freebsd
    • Published: Apr. 15, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0530

    Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1526

    Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB... Read more

    Affected Products : x11r6
    • Published: May. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1475

    Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the... Read more

    Affected Products : windows_xp
    • Published: Mar. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1976

    ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1549

    PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected.... Read more

    Affected Products : php
    • Published: Apr. 10, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-2400

    WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials.... Read more

    Affected Products : winftp_server
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0991

    RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.... Read more

    Affected Products : aix
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2864

    URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a symlink attack on the (1) high score or (2) save game files.... Read more

    Affected Products : urban
    • Published: Sep. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4787

    AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information.... Read more

    Affected Products : alphamail
    • Published: Sep. 14, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-1431

    RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key.... Read more

    Affected Products : firmware nas-4220-b
    • Published: Mar. 20, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5470

    Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.... Read more

    Affected Products : expression_media
    • Published: Oct. 16, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293592 Results