Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1074

    The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.... Read more

    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-1832

    utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.... Read more

    Affected Products : ecryptfs_utils ecryptfs-utils
    • Published: Feb. 15, 2014
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-2977

    Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: thi... Read more

    Affected Products : windows bugzilla
    • Published: Aug. 09, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1886

    win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference,... Read more

    Affected Products : windows_xp
    • Published: Jul. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1327

    The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC-cillin 2009) does not completely encrypt passwords, which allows local users to obtain sensitive information by leveraging a keylogger.... Read more

    Affected Products : trend_micro_internet_security
    • Published: May. 20, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1840

    The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access.... Read more

    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-1828

    usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.... Read more

    Affected Products : usb-creator
    • Published: May. 16, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2011-0797

    Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2011
    • Modified: Apr. 11, 2025

  • 2.1

    LOW
    CVE-2004-0563

    The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password.... Read more

    Affected Products : freenet6
    • Published: Dec. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2011-3198

    Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.... Read more

    Affected Products : domain_technologie_control
    • Published: Mar. 21, 2014
    • Modified: Apr. 12, 2025

  • 2.1

    LOW
    CVE-2005-3112

    The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.... Read more

    Affected Products : breeze
    • Published: Sep. 30, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3147

    StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.... Read more

    Affected Products : suse_linux storebackup
    • Published: Oct. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0652

    Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.... Read more

    Affected Products : openvms
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3268

    yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.... Read more

    Affected Products : yiff_server
    • Published: Oct. 20, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3055

    Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer referenc... Read more

    • Published: Sep. 26, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0757

    The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with exten... Read more

    • Published: May. 18, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-2036

    iOpus Secure Email Attachments (SEA), probably 1.0, does not properly handle passwords that consist of repetitions of a substring, which allows attackers to decrypt files by entering only the substring.... Read more

    Affected Products : secure_email_attachments
    • Published: Apr. 26, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3286

    The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka t... Read more

    Affected Products : personal_firewall serverfirewall
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3427

    The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection.... Read more

    • Published: Nov. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1814

    NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.... Read more

    Affected Products : netbsd
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294863 Results