Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2014-100039

    mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third pa... Read more

    Affected Products : malwarebytes_anti-exploit
    • Published: Jan. 13, 2015
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-1378

    IOGraphicsFamily in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-1375

    Intel Graphics Driver in Apple OS X before 10.9.4 allows local users to bypass the ASLR protection mechanism by leveraging read access to a kernel pointer in an IOKit object.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jul. 01, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2014-1445

    The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 18, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2008-1943

    Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.... Read more

    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2005-0736

    Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.... Read more

    • Published: Mar. 09, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2009-2712

    Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.... Read more

    • Published: Aug. 07, 2009
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2011-1742

    EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file.... Read more

    Affected Products : data_protection_advisor
    • Published: Aug. 01, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0197

    App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Jun. 24, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-2700

    Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a... Read more

    Affected Products : linux_kernel
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2010-1488

    The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 20, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1080

    The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memor... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-1152

    popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions.... Read more

    Affected Products : qpopper qpopper
    • Published: May. 25, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0178

    The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directo... Read more

    Affected Products : mac_os_x carboncore mac_os_x_server
    • Published: Mar. 23, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2005-3054

    fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories wh... Read more

    Affected Products : php
    • Published: Sep. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-0652

    lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IOCTL request that triggers an assertion failure. NOTE: some of these details are obtained from third part... Read more

    Affected Products : look_\'n\'_stop_firewall
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1788

    vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors.... Read more

    Affected Products : vcenter
    • Published: May. 09, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2007-6249

    etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by readi... Read more

    Affected Products : portage linux
    • Published: Dec. 15, 2007
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2010-3245

    The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensi... Read more

    Affected Products : transact_suite
    • Published: Sep. 07, 2010
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-2210

    The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kerne... Read more

    Affected Products : linux_kernel
    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 294863 Results