Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2008-3259

    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX... Read more

    Affected Products : openssh
    • EPSS Score: %0.03
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2012-3500

    scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.... Read more

    Affected Products : devscripts rpmdevtools
    • EPSS Score: %0.06
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-1769

    SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script tha... Read more

    Affected Products : systemtap
    • EPSS Score: %0.07
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2007-0833

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to... Read more

    Affected Products : workstation
    • EPSS Score: %0.05
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2002-1563

    stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.... Read more

    Affected Products : stunnel
    • EPSS Score: %0.08
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0435

    Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it ... Read more

    Affected Products : linux fileutils
    • EPSS Score: %0.07
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1231

    CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecv_dbgdatafile.sff temporary file.... Read more

    Affected Products : capi4hylafax
    • EPSS Score: %0.07
    • Published: Mar. 14, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-1045

    nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.... Read more

    Affected Products : nss_ldap
    • EPSS Score: %0.28
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0154

    The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.... Read more

    Affected Products : unixware
    • EPSS Score: %0.29
    • Published: Feb. 16, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0371

    The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.... Read more

    Affected Products : kde
    • EPSS Score: %0.07
    • Published: Mar. 01, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0296

    The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.... Read more

    Affected Products : tarantella_enterprise
    • EPSS Score: %0.15
    • Published: May. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0036

    KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file.... Read more

    Affected Products : kth_kerberos
    • EPSS Score: %0.06
    • Published: Feb. 16, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1346

    Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.... Read more

    Affected Products : arcserve_backup arcserve_backup
    • EPSS Score: %0.23
    • Published: May. 18, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1047

    Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor i... Read more

    Affected Products : openbsd
    • EPSS Score: %0.07
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-0475

    A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.... Read more

    Affected Products : procmail
    • EPSS Score: %0.18
    • Published: Apr. 05, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1066

    Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : enterprise_linux pine
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-4676

    The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.... Read more

    Affected Products : tunnelblick
    • EPSS Score: %0.04
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2008-4593

    Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device ... Read more

    Affected Products : iphone
    • EPSS Score: %0.06
    • Published: Oct. 17, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2012-3487

    Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.... Read more

    Affected Products : tunnelblick
    • EPSS Score: %0.02
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2005-1286

    Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.... Read more

    Affected Products : bitdefender_antivirus
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results