Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-2639

    Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.... Read more

    • EPSS Score: %13.52
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2653

    Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message.... Read more

    Affected Products : bbcaffe
    • EPSS Score: %0.67
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2664

    Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory.... Read more

    Affected Products : whisper32
    • EPSS Score: %0.07
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2684

    nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query.... Read more

    Affected Products : netquery
    • EPSS Score: %2.16
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2641

    Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate.... Read more

    Affected Products : pam_ldap
    • EPSS Score: %2.20
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2491

    Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which lea... Read more

    Affected Products : pcre
    • EPSS Score: %2.00
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-2666

    SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a lis... Read more

    Affected Products : openssh
    • EPSS Score: %0.15
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2457

    The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %4.85
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2458

    inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %12.94
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2668

    Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    • EPSS Score: %82.85
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2650

    Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.... Read more

    Affected Products : emefa_guestbook
    • EPSS Score: %0.55
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2640

    Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates... Read more

    • EPSS Score: %5.88
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2643

    Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other system... Read more

    Affected Products : tor tor
    • EPSS Score: %0.41
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2674

    Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to j... Read more

    Affected Products : land_down_under
    • EPSS Score: %0.44
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2672

    pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file.... Read more

    Affected Products : lm_sensors
    • EPSS Score: %0.10
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2673

    SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) x or (2) y parameters.... Read more

    Affected Products : burning_board
    • EPSS Score: %0.29
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2499

    slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.... Read more

    Affected Products : slocate
    • EPSS Score: %0.06
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-2647

    Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown ... Read more

    • EPSS Score: %0.54
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2645

    Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to bypass authentication.... Read more

    • EPSS Score: %0.78
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2669

    Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.... Read more

    • EPSS Score: %7.10
    • Published: Aug. 23, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292212 Results