Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2006-0062

    xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.... Read more

    Affected Products : xlockmore
    • EPSS Score: %0.13
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2006-0061

    xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.... Read more

    Affected Products : xlockmore
    • EPSS Score: %0.44
    • Published: Nov. 06, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-4891

    Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.... Read more

    Affected Products : simple_machine_forum
    • EPSS Score: %0.27
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2005-4890

    There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the ... Read more

    • EPSS Score: %0.16
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-3590

    The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corru... Read more

    Affected Products : glibc
    • EPSS Score: %0.49
    • Published: Apr. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-3056

    TWiki allows arbitrary shell command execution via the Include function... Read more

    Affected Products : twiki
    • EPSS Score: %1.22
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2005-2354

    Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.... Read more

    Affected Products : nvu
    • EPSS Score: %0.51
    • Published: Nov. 05, 2019
    • Modified: Nov. 20, 2024

  • 8.1

    HIGH
    CVE-2005-2352

    I race condition in Temp files was found in gs-gpl before 8.56 addons scripts.... Read more

    Affected Products : gs-gpl
    • EPSS Score: %0.32
    • Published: Nov. 01, 2019
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2005-2351

    Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.... Read more

    Affected Products : debian_linux mutt
    • EPSS Score: %0.13
    • Published: Nov. 01, 2019
    • Modified: Nov. 20, 2024

  • 6.1

    MEDIUM
    CVE-2005-2350

    Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.... Read more

    Affected Products : websieve
    • EPSS Score: %0.43
    • Published: Nov. 01, 2019
    • Modified: Nov. 20, 2024

  • 7.5

    HIGH
    CVE-2005-2349

    Zoo 2.10 has Directory traversal... Read more

    Affected Products : zoo
    • EPSS Score: %0.36
    • Published: Oct. 28, 2019
    • Modified: Nov. 20, 2024

  • 9.8

    CRITICAL
    CVE-2005-10002

    A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sf_downloads of the file secure-files.php. The manipulation of the argument downloadfile leads to path tr... Read more

    Affected Products : secure_files
    • EPSS Score: %0.20
    • Published: Oct. 29, 2023
    • Modified: Nov. 20, 2024

  • 6.1

    MEDIUM
    CVE-2005-10001

    A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redire... Read more

    Affected Products : symantec_siteminder
    • EPSS Score: %0.20
    • Published: Mar. 28, 2022
    • Modified: Nov. 20, 2024

  • 7.5

    HIGH
    CVE-2004-2779

    id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).... Read more

    Affected Products : libid3tag
    • EPSS Score: %0.44
    • Published: Feb. 20, 2018
    • Modified: Nov. 20, 2024

  • 9.8

    CRITICAL
    CVE-2004-2776

    go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter.... Read more

    Affected Products : goscript
    • EPSS Score: %2.22
    • Published: Dec. 31, 2019
    • Modified: Nov. 20, 2024

  • 6.1

    MEDIUM
    CVE-2003-5003

    A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit... Read more

    Affected Products : iss_blackice_pc_protection
    • EPSS Score: %0.28
    • Published: Mar. 28, 2022
    • Modified: Nov. 20, 2024

  • 5.3

    MEDIUM
    CVE-2003-5002

    A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that a... Read more

    Affected Products : iss_blackice_pc_protection
    • EPSS Score: %0.14
    • Published: Mar. 28, 2022
    • Modified: Nov. 20, 2024

  • 9.8

    CRITICAL
    CVE-2003-5001

    A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The atta... Read more

    Affected Products : iss_blackice_pc_protection
    • EPSS Score: %0.32
    • Published: Mar. 28, 2022
    • Modified: Nov. 20, 2024

  • 7.5

    HIGH
    CVE-2003-1605

    curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.... Read more

    Affected Products : curl
    • EPSS Score: %0.40
    • Published: Aug. 23, 2018
    • Modified: Nov. 20, 2024

  • 9.8

    CRITICAL
    CVE-2002-2444

    Snoopy before 2.0.0 has a security hole in exec cURL... Read more

    Affected Products : snoopy
    • EPSS Score: %0.48
    • Published: Oct. 28, 2019
    • Modified: Nov. 20, 2024
Showing 20 of 291558 Results