Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1179

    The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories.... Read more

    Affected Products : debmake
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3311

    BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : software_control-m_agent
    • Published: Oct. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0482

    Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0966

    NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow.... Read more

    Affected Products : secure_client
    • Published: Mar. 02, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0072

    zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.... Read more

    Affected Products : zhcon
    • Published: Jan. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2554

    The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.... Read more

    Affected Products : epolicy_orchestrator_agent
    • Published: Aug. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2948

    KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess.... Read more

    Affected Products : killprocess
    • Published: Sep. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2509

    Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4589

    Spb Kiosk Engine 1.0.0.1 stores the administrator's passcode in the registry in plaintext, which allows local users to obtain the passcode.... Read more

    Affected Products : kiosk_engine
    • Published: Dec. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1166

    The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1286

    Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.... Read more

    Affected Products : ghost_solutions_suite norton_ghost
    • Published: Mar. 19, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4691

    imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is us... Read more

    Affected Products : netbsd
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1050

    Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and payment data. NOTE: the provenance of this information i... Read more

    Affected Products : kwik-pay_payroll
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3179

    drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0531

    The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0432

    Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly pro... Read more

    Affected Products : weblogic_server
    • Published: Jan. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0416

    sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.... Read more

    Affected Products : linux mandrake_linux immunix sgml-tools
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-0380

    A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.... Read more

    Affected Products : freebsd
    • Published: Jan. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3146

    StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : suse_linux storebackup
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0201

    D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.... Read more

    Affected Products : enterprise_linux d-bus
    • Published: Jun. 29, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293544 Results