Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2005-2277

    Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.... Read more

    Affected Products : affix
    • EPSS Score: %7.22
    • Published: Jul. 15, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2149

    config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.... Read more

    Affected Products : cacti
    • EPSS Score: %1.29
    • Published: Jul. 06, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1983

    Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application,... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %87.82
    • Published: Aug. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1099

    Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.... Read more

    Affected Products : gld
    • EPSS Score: %79.03
    • Published: Apr. 12, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1794

    Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.... Read more

    Affected Products : hp-ux ldap-ux_integration
    • EPSS Score: %0.90
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2023-40044

    In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.... Read more

    Affected Products : ws_ftp_server
    • Actively Exploited
    • EPSS Score: %94.43
    • Published: Sep. 27, 2023
    • Modified: Feb. 13, 2025

  • 10.0

    HIGH
    CVE-2003-0494

    password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.... Read more

    Affected Products : snitz_forums_2000
    • EPSS Score: %0.93
    • Published: Aug. 07, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-4304

    general/login.php in phpCollab 2.5 rc3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified input related to the SSL_CLIENT_CERT environment variable. NOTE: in some environments, SSL_CLIENT_CERT always ... Read more

    Affected Products : phpcollab
    • EPSS Score: %1.79
    • Published: Dec. 23, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2005-0065

    The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attack... Read more

    Affected Products : tcp
    • EPSS Score: %1.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-0059

    Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.... Read more

    • EPSS Score: %87.44
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-0011

    Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based b... Read more

    Affected Products : kde kde
    • EPSS Score: %4.91
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2008-0725

    Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly execute arbitrary code via a long command. NOTE: the U... Read more

    Affected Products : ftp_server
    • EPSS Score: %2.12
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2004-1701

    Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.... Read more

    Affected Products : cfengine
    • EPSS Score: %56.76
    • Published: Aug. 09, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1127

    Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.... Read more

    • EPSS Score: %7.19
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1120

    Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.... Read more

    Affected Products : prozilla_download_accelerator
    • EPSS Score: %10.19
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1064

    The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication... Read more

    Affected Products : ubuntu_linux php
    • EPSS Score: %2.83
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1063

    PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in t... Read more

    Affected Products : ubuntu_linux php
    • EPSS Score: %3.03
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1052

    Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.... Read more

    Affected Products : debian_linux linux bnc
    • EPSS Score: %1.47
    • Published: Mar. 01, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2023-3432

    Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.... Read more

    Affected Products : fedora plantuml
    • EPSS Score: %0.18
    • Published: Jun. 27, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2004-1011

    Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.... Read more

    • EPSS Score: %16.62
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291562 Results