Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2005-3498

    IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allo... Read more

    Affected Products : websphere_application_server
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3491

    Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.... Read more

    Affected Products : flatfrag
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3490

    Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.... Read more

    Affected Products : video_security_online
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3494

    Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog comment.... Read more

    Affected Products : ar-blog
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3499

    Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file.... Read more

    Affected Products : f-prot_antivirus
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3493

    Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port.... Read more

    Affected Products : battle_carry
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3492

    FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference.... Read more

    Affected Products : flatfrag
    • Published: Nov. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3487

    Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properl... Read more

    Affected Products : scorched_3d
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3485

    Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.... Read more

    Affected Products : collectn_kill
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3484

    Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c"... Read more

    Affected Products : neronet
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2005-3488

    Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.... Read more

    Affected Products : scorched_3d
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3483

    Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.... Read more

    Affected Products : windows go-global
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3486

    Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspec... Read more

    Affected Products : scorched_3d
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3478

    SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter.... Read more

    Affected Products : tutorial_manager
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3472

    Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.... Read more

    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2005-3481

    Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibilit... Read more

    Affected Products : ios
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3477

    Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by In... Read more

    Affected Products : invision_gallery
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3476

    Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service.... Read more

    Affected Products : openvms
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3473

    Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry, (2) blog_subject, and (3) blog_text parameters (involving the temp_subject variable) ... Read more

    Affected Products : simple_php_blog
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3479

    Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter.... Read more

    Affected Products : casebook
    • Published: Nov. 03, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292769 Results