Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2002-1563

    stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.... Read more

    Affected Products : stunnel
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2009-1707

    Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors.... Read more

    Affected Products : safari
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2007-0832

    VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard when the "Enable copy and paste to and from this virtual machine" checkbox is changed, which allows local users to obtain sensitive information or conduct ce... Read more

    Affected Products : workstation
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2007-0833

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to... Read more

    Affected Products : workstation
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2013-1442

    Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, whic... Read more

    Affected Products : xen
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-1769

    SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script tha... Read more

    Affected Products : systemtap
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2004-1191

    Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."... Read more

    Affected Products : suse_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-3118

    spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary f... Read more

    Affected Products : spread
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-3163

    HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.... Read more

    • Published: Oct. 23, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-4028

    The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.... Read more

    Affected Products : x_server
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-4617

    virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.... Read more

    Affected Products : virtualenv virtualenv
    • Published: Dec. 31, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3500

    scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.... Read more

    Affected Products : devscripts rpmdevtools
    • Published: Oct. 01, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-3487

    Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.... Read more

    Affected Products : tunnelblick
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2012-2103

    The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.... Read more

    Affected Products : munin
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-2724

    The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of ... Read more

    Affected Products : samba
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-5757

    Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data s... Read more

    Affected Products : linux_kernel
    • Published: Nov. 06, 2006
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2001-0143

    vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0120

    adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.... Read more

    Affected Products : mhc-utils
    • Published: Mar. 07, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2010-3014

    The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which trigger... Read more

    Affected Products : freebsd netbsd
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2014-3537

    The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.... Read more

    Affected Products : cups ubuntu_linux fedora
    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293624 Results