Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-1750

    SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.... Read more

    Affected Products : newsletterez
    • EPSS Score: %0.60
    • Published: May. 25, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1249

    The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.... Read more

    Affected Products : ipswitch_collaboration_suite
    • EPSS Score: %1.13
    • Published: May. 25, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1252

    Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argume... Read more

    Affected Products : imail imail_server
    • EPSS Score: %0.33
    • Published: May. 25, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1748

    The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.... Read more

    Affected Products : weblogic_server weblogic_portal
    • EPSS Score: %0.75
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1740

    fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : net-snmp
    • EPSS Score: %2.54
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1714

    Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.... Read more

    Affected Products : surgemail
    • EPSS Score: %0.30
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1715

    Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in... Read more

    Affected Products : topo
    • EPSS Score: %0.67
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1736

    PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.... Read more

    Affected Products : proms
    • EPSS Score: %0.39
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1738

    Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled ... Read more

    Affected Products : iron_bars_shell
    • EPSS Score: %0.89
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1734

    Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors.... Read more

    Affected Products : proms
    • EPSS Score: %0.49
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1708

    templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.... Read more

    Affected Products : reporter
    • EPSS Score: %0.91
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1702

    Format string vulnerability in Warrior Kings: Battles 1.23 and earlier and Warrior Kings 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a nickname.... Read more

    Affected Products : warrior_kings warrior_kings_battles
    • EPSS Score: %11.83
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1741

    Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to cause a denial of service (infinite loop) via malformed data.... Read more

    Affected Products : halo_combat_evolved
    • EPSS Score: %8.72
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1694

    Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow remote attackers to execute arbitrary SQL commands via the (1) name or (2) module parameter.... Read more

    Affected Products : postnuke
    • EPSS Score: %0.43
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1732

    Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to testmy.cgi.... Read more

    Affected Products : cookie_cart
    • EPSS Score: %0.48
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1716

    TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses.... Read more

    Affected Products : topo
    • EPSS Score: %0.42
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1706

    Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.... Read more

    Affected Products : mailscanner
    • EPSS Score: %0.31
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1718

    Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname.... Read more

    Affected Products : war_times
    • EPSS Score: %5.13
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1705

    gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.... Read more

    Affected Products : gdb
    • EPSS Score: %0.06
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-1695

    Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) ma... Read more

    Affected Products : postnuke
    • EPSS Score: %0.34
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results