Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-0985

    Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.... Read more

    Affected Products : mac_os_x
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0991

    RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.... Read more

    Affected Products : aix
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3181

    The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory... Read more

    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3238

    Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.... Read more

    Affected Products : solaris
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3012

    The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.... Read more

    Affected Products : simplecdr-x
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1814

    NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.... Read more

    Affected Products : netbsd
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3268

    yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.... Read more

    Affected Products : yiff_server
    • Published: Oct. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1342

    net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Mar. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2093

    The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.... Read more

    Affected Products : irix
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1890

    rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.... Read more

    Affected Products : rhmask
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-4175

    Insyde BIOS V190 does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory.... Read more

    Affected Products : insyde_bios
    • Published: Dec. 11, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0652

    Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.... Read more

    Affected Products : openvms
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1126

    The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory.... Read more

    Affected Products : freebsd
    • Published: Apr. 15, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3112

    The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.... Read more

    Affected Products : breeze
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2230

    Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the elmostats temporary file insecurely, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : elmo
    • Published: Jul. 12, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0757

    The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with exten... Read more

    • Published: May. 18, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2051

    The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file.... Read more

    Affected Products : modlogan
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2078

    BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.... Read more

    Affected Products : bisonftp
    • Published: Jun. 29, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2991

    ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.... Read more

    Affected Products : ncompress
    • Published: Sep. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2050

    Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.... Read more

    Affected Products : modlogan
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293633 Results