Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.9

    LOW
    CVE-2014-1446

    The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability f... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.20
    • Published: Jan. 18, 2014
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-3876

    net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to ... Read more

    • EPSS Score: %0.06
    • Published: Jan. 03, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2014-4419

    The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different ... Read more

    Affected Products : mac_os_x iphone_os tvos
    • EPSS Score: %0.08
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2012-4535

    Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."... Read more

    Affected Products : xen
    • EPSS Score: %0.11
    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-1155

    The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a file... Read more

    Affected Products : logrotate
    • EPSS Score: %0.09
    • Published: Mar. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-4077

    The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory vi... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.48
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-4074

    The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, a... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.08
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-4075

    The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.09
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-4259

    runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.... Read more

    Affected Products : ansible
    • EPSS Score: %0.05
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-2162

    Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users... Read more

    Affected Products : ubuntu_linux
    • EPSS Score: %0.03
    • Published: Aug. 19, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-4242

    GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.... Read more

    • EPSS Score: %0.16
    • Published: Aug. 19, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2010-4078

    The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FB... Read more

    • EPSS Score: %0.07
    • Published: Nov. 29, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2013-2634

    net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.03
    • Published: Mar. 22, 2013
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2015-1145

    The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.07
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 1.9

    LOW
    CVE-2010-1160

    GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being e... Read more

    Affected Products : nano
    • EPSS Score: %0.08
    • Published: Apr. 16, 2010
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-2934

    Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across... Read more

    Affected Products : xen
    • EPSS Score: %0.16
    • Published: Dec. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2011-1098

    Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.... Read more

    Affected Products : logrotate
    • EPSS Score: %0.04
    • Published: Mar. 30, 2011
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2009-3746

    XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than C... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 1.9

    LOW
    CVE-2011-0523

    gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.... Read more

    Affected Products : gypsy
    • EPSS Score: %0.06
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025

  • 1.9

    LOW
    CVE-2012-1568

    The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dep... Read more

    Affected Products : enterprise_linux fedora
    • EPSS Score: %0.05
    • Published: Mar. 01, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291891 Results