Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2011-4415

    The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a d... Read more

    Affected Products : http_server
    • EPSS Score: %0.77
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2004-0814

    Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attack... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.24
    • Published: Dec. 23, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-1058

    Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2010-3718

    Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demo... Read more

    Affected Products : tomcat
    • EPSS Score: %0.25
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-1066

    Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack du... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.06
    • Published: Mar. 27, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-4232

    Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.... Read more

    Affected Products : globus_toolkit
    • EPSS Score: %0.07
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-3011

    The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : texinfo
    • EPSS Score: %0.04
    • Published: Sep. 21, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2015-4822

    Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4831.... Read more

    Affected Products : solaris
    • EPSS Score: %0.13
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2012-0645

    Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.09
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2016-0431

    Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0419.... Read more

    Affected Products : solaris
    • EPSS Score: %0.12
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2008-3259

    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX... Read more

    Affected Products : openssh
    • EPSS Score: %0.03
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2004-1191

    Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.06
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0723

    Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.... Read more

    Affected Products : gnome_installer
    • EPSS Score: %0.06
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0438

    eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : eldav
    • EPSS Score: %0.08
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-3118

    spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary f... Read more

    Affected Products : spread
    • EPSS Score: %0.06
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0887

    xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.... Read more

    Affected Products : linux xsane
    • EPSS Score: %0.08
    • Published: Jan. 15, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0271

    Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.... Read more

    Affected Products : gnat_pro_native
    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0718

    A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.... Read more

    Affected Products : mandrake_linux
    • EPSS Score: %0.06
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1333

    Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.... Read more

    Affected Products : cups
    • EPSS Score: %0.07
    • Published: May. 10, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1276

    ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.... Read more

    Affected Products : ispell
    • EPSS Score: %0.09
    • Published: Jun. 21, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291400 Results