Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2005-1627

    Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the Viewglob display and ssh X forwarding," has unknown impact.... Read more

    Affected Products : viewglob
    • EPSS Score: %0.09
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1632

    Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.... Read more

    Affected Products : cheetah
    • EPSS Score: %0.05
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1635

    JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain the full server path via direct requests to (1) jgs_portal_ref.php, (2) jgs_portal_land.php, (3) jgs_portal_log.php, (4) jgs_portal_global_sponsor.php, (5) jgs_portal_global.php, (6) jg... Read more

    Affected Products : jgs-portal
    • EPSS Score: %0.35
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1637

    Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.... Read more

    Affected Products : npds
    • EPSS Score: %0.33
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1638

    The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.... Read more

    Affected Products : safehtml
    • EPSS Score: %0.38
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1589

    The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space acce... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.14
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1636

    mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.02
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1630

    Unknown vulnerability in Attachment Mod before 2.3.13, related to a "serious issue with realnames," has unknown impact and attack vectors.... Read more

    Affected Products : attachment_mod
    • EPSS Score: %0.39
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1307

    The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts f... Read more

    Affected Products : mac_os_x version_cue
    • EPSS Score: %0.67
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1639

    SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields.... Read more

    Affected Products : sigma_isp_manager
    • EPSS Score: %0.69
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1626

    Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code.... Read more

    Affected Products : pico_server
    • EPSS Score: %1.18
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1617

    Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information.... Read more

    Affected Products : webcam webcam_lite
    • EPSS Score: %0.06
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-1605

    Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integra... Read more

    Affected Products : sitestudio
    • EPSS Score: %2.53
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1601

    MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServe... Read more

    Affected Products : maximo_self_service
    • EPSS Score: %0.43
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1599

    Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subject Search Server (SSServer) 1.1 allows remote attackers to inject arbitrary web script or HTML via the "Search For" field.... Read more

    Affected Products : subject_search_server
    • EPSS Score: %0.35
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1609

    Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data.... Read more

    Affected Products : storedge_6130_arrays
    • EPSS Score: %4.79
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1600

    A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key.... Read more

    Affected Products : libtomcrypt
    • EPSS Score: %0.70
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1365

    Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.... Read more

    Affected Products : pico_server
    • EPSS Score: %7.34
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1193

    The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:,... Read more

    Affected Products : phpbb
    • EPSS Score: %27.11
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1621

    Directory traversal vulnerability in the pnModFunc function in pnMod.php for PostNuke 0.750 through 0.760rc4 allows remote attackers to read arbitrary files via a .. (dot dot) in the func parameter to index.php.... Read more

    Affected Products : postnuke
    • EPSS Score: %0.55
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291659 Results