Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-3297

    Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : suse_linux
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3295

    Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."... Read more

    Affected Products : hp-ux
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3294

    Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.... Read more

    Affected Products : typsoft_ftp_server
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3298

    Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : suse_linux
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-3291

    Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files.... Read more

    Affected Products : stanis_python_editor
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3284

    Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or... Read more

    Affected Products : v3net v3pro_2004 myv3
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-3279

    Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option.... Read more

    Affected Products : bitmap_viewer
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3285

    Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.... Read more

    Affected Products : comersus_backoffice_plus
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-3278

    Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer (BMV) 1.2 allows local users to execute arbitrary code via a PostScript (PS) file containing a large number of pages value, which leads to a resultant buffer overflow.... Read more

    Affected Products : bitmap_viewer
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3283

    Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.... Read more

    Affected Products : tikiwiki_cms\/groupware
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3286

    The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka t... Read more

    Affected Products : personal_firewall serverfirewall
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3288

    Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.... Read more

    Affected Products : mailsite_express
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3290

    SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field.... Read more

    Affected Products : accelerated_mortgage_manager
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3282

    Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authentication via unknown vectors.... Read more

    Affected Products : splatt_forum
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-3289

    LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.... Read more

    Affected Products : aix
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3292

    Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as <b>.... Read more

    Affected Products : xeobook
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3280

    Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges.... Read more

    Affected Products : paros
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3293

    Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.... Read more

    Affected Products : xerver
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-2972

    Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getCharsI... Read more

    Affected Products : community_abiword
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-3287

    Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be ... Read more

    Affected Products : mailsite_express
    • Published: Oct. 23, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292818 Results