Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2001-0117

    sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2024-49751

    Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user... Read more

    Affected Products :
    • Published: Oct. 23, 2024
    • Modified: Oct. 25, 2024

  • 1.2

    LOW
    CVE-2000-1045

    nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.... Read more

    Affected Products : nss_ldap
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0154

    The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.... Read more

    Affected Products : unixware
    • Published: Feb. 16, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1396

    Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.... Read more

    Affected Products : ce_ceterm
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-3500

    scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.... Read more

    Affected Products : devscripts rpmdevtools
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3487

    Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.... Read more

    Affected Products : tunnelblick
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2004-0404

    logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.... Read more

    Affected Products : logcheck
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-2103

    The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.... Read more

    Affected Products : munin
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2005-0448

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.... Read more

    Affected Products : perl
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1824

    Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Comment parameter.... Read more

    Affected Products : phpguestbook
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0141

    mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.... Read more

    Affected Products : mgetty
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2008-3259

    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX... Read more

    Affected Products : openssh
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2005-1878

    GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.... Read more

    Affected Products : giptables_firewall
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1059

    The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.... Read more

    Affected Products : samba
    • Published: Mar. 30, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-1191

    Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."... Read more

    Affected Products : suse_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-1167

    SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.... Read more

    Affected Products : propack
    • Published: Feb. 06, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-4676

    TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.... Read more

    Affected Products : rendezvous
    • Published: Sep. 11, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2014-5177

    libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) v... Read more

    • Published: Aug. 03, 2014
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2001-0138

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293639 Results