Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2005-3219

    Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by pr... Read more

    Affected Products : antivir_personal
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3225

    Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, wh... Read more

    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2967

    Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a C... Read more

    Affected Products : xine-lib
    • EPSS Score: %11.33
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3223

    Multiple interpretation error in unspecified versions of Rising Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by p... Read more

    Affected Products : rising_antivirus
    • EPSS Score: %0.30
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-3194

    Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive.... Read more

    Affected Products : alzip
    • EPSS Score: %4.82
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-3197

    Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.... Read more

    Affected Products : desktop_firewall
    • EPSS Score: %0.06
    • Published: Oct. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3185

    Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code vi... Read more

    Affected Products : curl curl libcurl wget
    • EPSS Score: %4.85
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2992

    arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945.... Read more

    Affected Products : arc
    • EPSS Score: %0.07
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2943

    Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.... Read more

    Affected Products : xmail
    • EPSS Score: %27.30
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2933

    Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a clos... Read more

    Affected Products : uw-imap
    • EPSS Score: %35.08
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3190

    Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.... Read more

    Affected Products : igateway
    • EPSS Score: %78.66
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2963

    The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote auth... Read more

    Affected Products : mod_auth_shadow
    • EPSS Score: %1.49
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2005-2120

    Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %73.41
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1987

    Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated u... Read more

    • EPSS Score: %61.14
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1985

    The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages.... Read more

    • EPSS Score: %58.18
    • Published: Oct. 13, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2715

    Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code... Read more

    • EPSS Score: %66.31
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3183

    The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.... Read more

    Affected Products : libwww
    • EPSS Score: %2.51
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1980

    Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number ... Read more

    • EPSS Score: %68.14
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2119

    The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorr... Read more

    • EPSS Score: %58.23
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1978

    COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.... Read more

    • EPSS Score: %44.22
    • Published: Oct. 12, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292319 Results