Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2005-1895

    Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.... Read more

    Affected Products : flatnuke
    • EPSS Score: %3.86
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1870

    PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter.... Read more

    Affected Products : popper
    • EPSS Score: %4.07
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1899

    Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP pack... Read more

    Affected Products : raknet
    • EPSS Score: %4.59
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1905

    The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.... Read more

    • EPSS Score: %0.15
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1896

    Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.... Read more

    Affected Products : flatnuke
    • EPSS Score: %0.90
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1904

    SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter.... Read more

    Affected Products : jiro_upload_system
    • EPSS Score: %0.50
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2005-1902

    Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, an... Read more

    Affected Products : spa-pro_mail_atsolomon
    • EPSS Score: %3.10
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2005-1884

    Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter.... Read more

    Affected Products : yapig
    • EPSS Score: %4.00
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1874

    Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.... Read more

    Affected Products : dzip
    • EPSS Score: %1.36
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1883

    global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter.... Read more

    Affected Products : yapig
    • EPSS Score: %0.52
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1964

    PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter.... Read more

    Affected Products : ovidentia
    • EPSS Score: %0.64
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1867

    Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.... Read more

    Affected Products : brightmail_antispam
    • EPSS Score: %1.13
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1868

    I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.... Read more

    Affected Products : i-man
    • EPSS Score: %1.40
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1908

    Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL.... Read more

    Affected Products : liteweb
    • EPSS Score: %0.52
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2005-1892

    FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root ... Read more

    Affected Products : flatnuke
    • EPSS Score: %1.03
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1894

    Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed b... Read more

    Affected Products : flatnuke
    • EPSS Score: %7.81
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.5

    MEDIUM
    CVE-2005-1876

    Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.... Read more

    Affected Products : cutenews
    • EPSS Score: %0.74
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1763

    Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.... Read more

    • EPSS Score: %0.04
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1887

    Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.... Read more

    Affected Products : solaris
    • EPSS Score: %0.08
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1909

    The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting ... Read more

    Affected Products : 602lan_suite
    • EPSS Score: %0.35
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291601 Results