Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-2068

    FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.34
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0360

    The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.... Read more

    Affected Products : log_sink_class_activex_control
    • EPSS Score: %6.37
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2089

    Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes II... Read more

    Affected Products : internet_information_services
    • EPSS Score: %31.00
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1917

    kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the .popper-new temporary file.... Read more

    Affected Products : kpopper
    • EPSS Score: %0.08
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2138

    Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.... Read more

    Affected Products : comdev_ecommerce
    • EPSS Score: %0.33
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2091

    IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.65
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2092

    BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes... Read more

    Affected Products : weblogic_server
    • EPSS Score: %2.11
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2136

    Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrar... Read more

    • EPSS Score: %0.15
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2144

    Prevx Pro 2005 1.0 allows local users to bypass file protection and modify files by using MapViewOfFile to perform memory mapping on the file.... Read more

    Affected Products : prevx_pro_2005
    • EPSS Score: %0.07
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2090

    Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and ... Read more

    Affected Products : tomcat
    • EPSS Score: %81.99
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2083

    Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument.... Read more

    Affected Products : ia_emailserver
    • EPSS Score: %4.19
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2114

    Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty func... Read more

    Affected Products : firefox mozilla camino
    • EPSS Score: %4.32
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1921

    Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch... Read more

    • EPSS Score: %86.90
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-1923

    The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to ... Read more

    Affected Products : clamav
    • EPSS Score: %0.66
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2106

    Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting.... Read more

    Affected Products : drupal
    • EPSS Score: %5.24
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2084

    Cross-site scripting (XSS) vulnerability in SearchResults.aspx in Community Forum allows remote attackers to inject arbitrary web script or HTML via the q parameter.... Read more

    Affected Products : community_server_forums
    • EPSS Score: %0.30
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2135

    SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters.... Read more

    • EPSS Score: %0.51
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2087

    Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CL... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %65.27
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2137

    Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers to list arbitrary directories via unknown attack vectors.... Read more

    Affected Products : nateon_messenger
    • EPSS Score: %0.39
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2140

    Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter.... Read more

    Affected Products : fsboard
    • EPSS Score: %3.05
    • Published: Jul. 05, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291647 Results