Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2006-3912

    Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact.... Read more

    Affected Products : winrar
    • EPSS Score: %1.00
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-5851

    openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.... Read more

    Affected Products : openbase
    • EPSS Score: %0.16
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-5827

    iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.... Read more

    Affected Products : debian_linux iscsitarget
    • EPSS Score: %0.05
    • Published: Nov. 05, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-6267

    Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.... Read more

    • EPSS Score: %0.08
    • Published: Dec. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-6680

    Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy.... Read more

    Affected Products : aix
    • EPSS Score: %0.07
    • Published: Jan. 10, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6182

    The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.... Read more

    Affected Products : gnotebook
    • EPSS Score: %0.07
    • Published: Dec. 01, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-6013

    Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, N... Read more

    • EPSS Score: %0.08
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1589

    TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.... Read more

    Affected Products : linux_kernel truecrypt
    • EPSS Score: %0.06
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-3722

    The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Jul. 12, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-7129

    ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.... Read more

    Affected Products : blackice_pc_protection
    • EPSS Score: %0.21
    • Published: Mar. 06, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-1191

    The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file.... Read more

    Affected Products : del.icio.us_module
    • EPSS Score: %0.07
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2007-0805

    The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.... Read more

    Affected Products : tru64
    • EPSS Score: %0.93
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2009-2899

    The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments.... Read more

    Affected Products : hyperic_hq
    • EPSS Score: %0.04
    • Published: Dec. 05, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2012-3276

    HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vec... Read more

    Affected Products : openvms openvms
    • EPSS Score: %0.08
    • Published: Dec. 13, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2006-5842

    The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.... Read more

    Affected Products : unicore_client
    • EPSS Score: %0.06
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-3675

    Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents.... Read more

    Affected Products : passwordsafe
    • EPSS Score: %0.12
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-4493

    xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance of this information is unknown; the details are obtaine... Read more

    Affected Products : xbiff2
    • EPSS Score: %0.06
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2014-1279

    Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data.... Read more

    Affected Products : tvos apple_tv
    • EPSS Score: %0.06
    • Published: Mar. 14, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-0124

    The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trig... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.17
    • Published: Apr. 14, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2015-7972

    The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allow... Read more

    Affected Products : xen
    • EPSS Score: %0.09
    • Published: Oct. 30, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 292016 Results