Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2005-1878

    GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.... Read more

    Affected Products : giptables_firewall
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0143

    vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2015-4822

    Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4831.... Read more

    Affected Products : solaris
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2011-2724

    The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of ... Read more

    Affected Products : samba
    • Published: Sep. 06, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-0741

    Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."... Read more

    Affected Products : linux_kernel
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-0404

    logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.... Read more

    Affected Products : logcheck
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-4676

    The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.... Read more

    Affected Products : tunnelblick
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2007-3108

    The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.... Read more

    Affected Products : openssl
    • Published: Aug. 08, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2011-4028

    The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.... Read more

    Affected Products : x_server
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2003-0462

    A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-1058

    Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2004-0814

    Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attack... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Dec. 23, 2004
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2012-2678

    389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#pas... Read more

    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2005-1759

    Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.... Read more

    Affected Products : shtool
    • Published: Jun. 28, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2011-4617

    virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.... Read more

    Affected Products : virtualenv virtualenv
    • Published: Dec. 31, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2005-1066

    Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : enterprise_linux pine
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2015-4823

    Unspecified vulnerability in the Hyperion Installation Technology component in Oracle Hyperion 11.1.2.3 allows local users to affect confidentiality via unknown vectors related to Essbase Rapid Deploy.... Read more

    Affected Products : hyperion
    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025

  • 1.2

    LOW
    CVE-2000-1045

    nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.... Read more

    Affected Products : nss_ldap
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1080

    Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 11, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0036

    KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file.... Read more

    Affected Products : kth_kerberos
    • Published: Feb. 16, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293640 Results