Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2003-1080

    Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 11, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-4660

    Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted... Read more

    Affected Products : ipcop
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2006-5297

    Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.... Read more

    Affected Products : mutt
    • Published: Oct. 16, 2006
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2006-1695

    The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].... Read more

    Affected Products : fbida
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1508

    slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.... Read more

    Affected Products : openldap
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-0448

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.... Read more

    Affected Products : perl
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2013-1442

    Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, whic... Read more

    Affected Products : xen
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2006-0741

    Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."... Read more

    Affected Products : linux_kernel
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2009-1707

    Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors.... Read more

    Affected Products : safari
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2012-2313

    The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.... Read more

    • Published: Jun. 13, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-3163

    HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.... Read more

    • Published: Oct. 23, 2011
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2011-4028

    The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.... Read more

    Affected Products : x_server
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 1.2

    LOW
    CVE-2008-3259

    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX... Read more

    Affected Products : openssh
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2001-0095

    catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.... Read more

    Affected Products : sunos
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0142

    squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0118

    rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : linux mandrake_linux immunix
    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1674

    procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.... Read more

    Affected Products : freebsd
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1563

    stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.... Read more

    Affected Products : stunnel
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2007-0832

    VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard when the "Enable copy and paste to and from this virtual machine" checkbox is changed, which allows local users to obtain sensitive information or conduct ce... Read more

    Affected Products : workstation
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025

  • 1.2

    LOW
    CVE-2007-0833

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to... Read more

    Affected Products : workstation
    • Published: Feb. 07, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294342 Results