Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2003-1061

    Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.... Read more

    Affected Products : solaris sunos
    • Published: Oct. 14, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1563

    stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.... Read more

    Affected Products : stunnel
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1368

    The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-2103

    The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.... Read more

    Affected Products : munin
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3500

    scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.... Read more

    Affected Products : devscripts rpmdevtools
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3487

    Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.... Read more

    Affected Products : tunnelblick
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2001-0138

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2014-5177

    libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) v... Read more

    • Published: Aug. 03, 2014
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2008-7256

    mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer derefer... Read more

    Affected Products : linux_kernel
    • Published: Jun. 03, 2010
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2013-2217

    cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.... Read more

    Affected Products : enterprise_linux opensuse suds
    • Published: Sep. 23, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2001-0118

    rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1276

    ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.... Read more

    Affected Products : ispell
    • Published: Jun. 21, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0142

    squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0095

    catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.... Read more

    Affected Products : sunos
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-4028

    The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.... Read more

    Affected Products : x_server
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-2313

    The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.... Read more

    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-2724

    The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of ... Read more

    Affected Products : samba
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-1999-1042

    Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.... Read more

    Affected Products : resource_manager
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0723

    Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.... Read more

    Affected Products : gnome_installer
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293618 Results