Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1179

    The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories.... Read more

    Affected Products : debmake
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0916

    AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_rel... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2451

    Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.... Read more

    Affected Products : ios ios_xr
    • Published: Aug. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1424

    StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information.... Read more

    Affected Products : gotext
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2300

    Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.... Read more

    Affected Products : skype
    • Published: Jul. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3531

    fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.... Read more

    Affected Products : fuse
    • Published: Nov. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2663

    masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.... Read more

    Affected Products : masqmail masqmail
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3319

    The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or Vi... Read more

    Affected Products : php
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1270

    The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : rootkit_hunter
    • Published: Apr. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1981

    Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Apr. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2010-2522

    The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.... Read more

    Affected Products : umip
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-0072

    zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.... Read more

    Affected Products : zhcon
    • Published: Jan. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2007-5751

    Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.... Read more

    Affected Products : liferea
    • Published: Oct. 31, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3878

    Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.... Read more

    Affected Products : network_automation_system
    • Published: Jul. 27, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1767

    traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).... Read more

    • Published: Aug. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2612

    Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prom... Read more

    Affected Products : client
    • Published: May. 26, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0135

    The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash).... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1997

    Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allows local users to obtain sensitive information such as email and PIM data of another user via unknown attack vectors.... Read more

    Affected Products : pylon_anywhere
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3725

    Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSe... Read more

    Affected Products : norton_personal_firewall
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1166

    The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293562 Results