Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2005-1759

    Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.... Read more

    Affected Products : shtool
    • Published: Jun. 28, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0086

    The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.... Read more

    Affected Products : samba
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2008-5450

    Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.... Read more

    • Published: Jan. 14, 2009
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-3118

    spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary f... Read more

    Affected Products : spread
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-3500

    scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.... Read more

    Affected Products : devscripts rpmdevtools
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-2103

    The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.... Read more

    Affected Products : munin
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3487

    Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.... Read more

    Affected Products : tunnelblick
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-0591

    The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen... Read more

    Affected Products : crypt_blowfish
    • Published: Feb. 08, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-0371

    Lynx allows a local user to overwrite sensitive files through /tmp symlinks.... Read more

    Affected Products : lynx
    • Published: Feb. 11, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1563

    stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.... Read more

    Affected Products : stunnel
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-2473

    wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : wmfrog
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-0475

    A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.... Read more

    Affected Products : procmail
    • Published: Apr. 05, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0438

    eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : eldav
    • Published: Jul. 24, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-2724

    The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of ... Read more

    Affected Products : samba
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-2678

    389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#pas... Read more

    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2001-0119

    getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0210

    The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files.... Read more

    Affected Products : workshop
    • Published: Feb. 21, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-0937

    Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executin... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Feb. 22, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-0448

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.... Read more

    Affected Products : perl
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293614 Results