Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-2518

    Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %1.61
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-2517

    Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.... Read more

    Affected Products : mac_os_x safari
    • EPSS Score: %0.30
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2515

    Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.07
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2513

    Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.60
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2511

    Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.40
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-2502

    Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %1.01
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-2504

    The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2505

    Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.92
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2507

    Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.... Read more

    Affected Products : mac_os_x_server
    • EPSS Score: %3.11
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2508

    dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.19
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2514

    Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.99
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2607

    PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters.... Read more

    Affected Products : simplicity_of_upload
    • EPSS Score: %0.59
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2614

    Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php.... Read more

    Affected Products : discuz
    • EPSS Score: %2.16
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2616

    Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.... Read more

    Affected Products : ezupload
    • EPSS Score: %20.09
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2600

    FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.... Read more

    Affected Products : fudforum
    • EPSS Score: %0.60
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2611

    VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allo... Read more

    • EPSS Score: %81.84
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2612

    Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.... Read more

    Affected Products : wordpress
    • EPSS Score: %73.42
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2598

    Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via... Read more

    Affected Products : dokeos
    • EPSS Score: %0.29
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2610

    Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.... Read more

    Affected Products : vegadns
    • EPSS Score: %0.41
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2615

    Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id.... Read more

    Affected Products : eqdkp
    • EPSS Score: %0.53
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291617 Results