Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2007-4773

    Systrace before 1.6.0 has insufficient escape policy enforcement.... Read more

    Affected Products : systrace
    • EPSS Score: %0.63
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2007-3915

    Mondo 2.24 has insecure handling of temporary files.... Read more

    Affected Products : mondo
    • EPSS Score: %0.36
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2007-3732

    In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "curr... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.16
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2007-20001

    A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20... Read more

    Affected Products : iscsi_san
    • EPSS Score: %0.39
    • Published: Feb. 06, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2007-10003

    A vulnerability, which was classified as critical, has been found in The Hackers Diet Plugin up to 0.9.6b on WordPress. This issue affects some unknown processing of the file ajax_blurb.php of the component HTTP POST Request Handler. The manipulation of t... Read more

    Affected Products : the_hackers_diet
    • EPSS Score: %0.13
    • Published: Oct. 29, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2007-10002

    A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login_password/LANG leads to sql injection. The attack m... Read more

    Affected Products : web-cyradm
    • EPSS Score: %0.06
    • Published: Jan. 08, 2023
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2007-10001

    A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The id... Read more

    Affected Products : web-cyradm
    • EPSS Score: %0.06
    • Published: Jan. 05, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2007-0899

    There is a possible heap overflow in libclamav/fsg.c before 0.100.0.... Read more

    Affected Products : debian_linux clamav
    • EPSS Score: %0.45
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2007-0158

    thttpd 2007 has buffer underflow.... Read more

    Affected Products : thttpd
    • EPSS Score: %0.42
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2006-7254

    The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.... Read more

    Affected Products : glibc
    • EPSS Score: %0.04
    • Published: Apr. 10, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2006-7246

    NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.... Read more

    • EPSS Score: %0.06
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2006-4245

    archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition.... Read more

    Affected Products : debian_linux archivemail
    • EPSS Score: %0.34
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2006-4243

    linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code.... Read more

    Affected Products : linux_kernel linux-vserver
    • EPSS Score: %0.37
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2006-3100

    termpkg 3.3 suffers from buffer overflow.... Read more

    Affected Products : termpkg
    • EPSS Score: %0.51
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2006-10001

    A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manipulation leads to cross site scripting. It is possible to... Read more

    • EPSS Score: %0.11
    • Published: Mar. 05, 2023
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2006-0062

    xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.... Read more

    Affected Products : xlockmore
    • EPSS Score: %0.13
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2006-0061

    xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.... Read more

    Affected Products : xlockmore
    • EPSS Score: %0.44
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-4891

    Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.... Read more

    Affected Products : simple_machine_forum
    • EPSS Score: %0.27
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2005-4890

    There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the ... Read more

    • EPSS Score: %0.16
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-3590

    The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corru... Read more

    Affected Products : glibc
    • EPSS Score: %0.49
    • Published: Apr. 10, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291360 Results