Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-3252

    Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.... Read more

    Affected Products : snort snort
    • EPSS Score: %83.52
    • Published: Oct. 18, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3256

    The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.... Read more

    Affected Products : enigmail
    • EPSS Score: %0.63
    • Published: Oct. 18, 2005
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2005-3251

    Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter.... Read more

    Affected Products : gallery
    • EPSS Score: %1.60
    • Published: Oct. 17, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3250

    Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 17, 2005
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2005-3120

    Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.... Read more

    Affected Products : debian_linux lynx
    • EPSS Score: %30.44
    • Published: Oct. 17, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3238

    Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.... Read more

    Affected Products : solaris
    • EPSS Score: %0.06
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2005-3239

    The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree functi... Read more

    Affected Products : clamav
    • EPSS Score: %4.59
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3232

    Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products... Read more

    Affected Products : thehacker
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-3236

    Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick par... Read more

    Affected Products : cyphor
    • EPSS Score: %4.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-3202

    Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.... Read more

    Affected Products : html_db
    • EPSS Score: %11.49
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3228

    Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : ikarus_antivirus
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3221

    Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by... Read more

    Affected Products : fortinet_antivirus
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3226

    Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by ... Read more

    Affected Products : arcavir_antivirus
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3215

    Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : antivirus_engine
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3229

    Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : clamav
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3216

    Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : sophos_anti-virus
    • EPSS Score: %0.92
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-3196

    Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.... Read more

    Affected Products : fgsw2402rs
    • EPSS Score: %0.07
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3218

    Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : dr.web_antivirus
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3207

    The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command.... Read more

    Affected Products : forms
    • EPSS Score: %39.46
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-3209

    Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.... Read more

    Affected Products : aenovo aenovoshop aenovowysi
    • EPSS Score: %0.09
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292325 Results