Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2006-4232

    Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.... Read more

    Affected Products : globus_toolkit
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2008-5450

    Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.... Read more

    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-3118

    spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary f... Read more

    Affected Products : spread
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2010-3014

    The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which trigger... Read more

    Affected Products : freebsd netbsd
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-1695

    The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].... Read more

    Affected Products : fbida
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1508

    slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.... Read more

    Affected Products : openldap
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2007-2453

    The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator t... Read more

    Affected Products : linux_kernel
    • Published: Jun. 11, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-1824

    Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Comment parameter.... Read more

    Affected Products : phpguestbook
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0141

    mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.... Read more

    Affected Products : mgetty
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2008-3259

    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX... Read more

    Affected Products : openssh
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2013-1442

    Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, whic... Read more

    Affected Products : xen
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2005-0448

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.... Read more

    Affected Products : perl
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-0475

    A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.... Read more

    Affected Products : procmail
    • Published: Apr. 05, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-1480

    (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.... Read more

    Affected Products : aix
    • Published: Jun. 11, 1998
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-4761

    BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information (passwords or keyphrases) in the server log file when the -D ... Read more

    Affected Products : weblogic_server
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-0371

    Lynx allows a local user to overwrite sensitive files through /tmp symlinks.... Read more

    Affected Products : lynx
    • Published: Feb. 11, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0438

    eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : eldav
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1061

    Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.... Read more

    Affected Products : solaris sunos
    • Published: Oct. 14, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1073

    A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the fil... Read more

    Affected Products : solaris sunos
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0118

    rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293562 Results