Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2000-0345

    The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.... Read more

    • Published: May. 03, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0263

    The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.... Read more

    Affected Products : linux
    • Published: Apr. 16, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0294

    Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.... Read more

    Affected Products : omnipcx
    • Published: May. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0438

    Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu.... Read more

    Affected Products : timbuktu_mac
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2008-3899

    TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this ... Read more

    Affected Products : truecrypt
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2000-0461

    The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.... Read more

    Affected Products : freebsd netbsd
    • Published: May. 29, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2275

    Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe.... Read more

    Affected Products : fortres
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1754

    Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.... Read more

    Affected Products : netware_client
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2412

    Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.... Read more

    Affected Products : winamp
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2050

    Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.... Read more

    Affected Products : modlogan
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1550

    CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users.... Read more

    Affected Products : asp centraone smart_connect
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0076

    nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.... Read more

    Affected Products : debian_linux nvi
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1399

    Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."... Read more

    Affected Products : linux_kernel linux
    • Published: Apr. 17, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0373

    The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0795

    The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.... Read more

    Affected Products : freebsd
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0624

    QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos.... Read more

    Affected Products : qnx
    • Published: Aug. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2028

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.... Read more

    Affected Products : windows_2000 windows_xp windows_nt
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0679

    Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.... Read more

    Affected Products : irix
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0073

    Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.... Read more

    Affected Products : security-enhanced_linux
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1174

    Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.... Read more

    Affected Products : shoutcast_server
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293645 Results