Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-1552

    GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct re... Read more

    Affected Products : digital_surveillance_system
    • EPSS Score: %5.02
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1554

    SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to execute arbitrary SQL commands via the sort_by parameter.... Read more

    Affected Products : wowbb_web_forum
    • EPSS Score: %0.74
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1575

    The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.... Read more

    Affected Products : firefox
    • EPSS Score: %0.49
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1581

    Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php.... Read more

    Affected Products : bug_report
    • EPSS Score: %0.30
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1553

    GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing.... Read more

    Affected Products : digital_surveillance_system
    • EPSS Score: %0.48
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1584

    Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action.... Read more

    Affected Products : quick.forum
    • EPSS Score: %0.44
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1556

    Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session.... Read more

    • EPSS Score: %1.13
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1577

    APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share.... Read more

    Affected Products : classmaster
    • EPSS Score: %0.66
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1570

    forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability.... Read more

    Affected Products : bttlxeforum
    • EPSS Score: %0.34
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1550

    easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print parameter.... Read more

    Affected Products : easy_message_board
    • EPSS Score: %6.58
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1549

    Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print parameter.... Read more

    Affected Products : easy_message_board
    • EPSS Score: %0.28
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1586

    Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, ... Read more

    Affected Products : quick.forum
    • EPSS Score: %0.46
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1582

    Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire variables.... Read more

    Affected Products : 1two_news
    • EPSS Score: %0.35
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1587

    Cross-site scripting (XSS) vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to inject arbitrary web script or HTML via the sWord parameter.... Read more

    Affected Products : quick.cart
    • EPSS Score: %0.53
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1569

    Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag.... Read more

    Affected Products : directtopics
    • EPSS Score: %0.30
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-1546

    Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file.... Read more

    Affected Products : ht_editor
    • EPSS Score: %2.91
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1563

    Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.81
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1566

    Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell.... Read more

    Affected Products : wlan_ap_\+_adsl_router
    • EPSS Score: %0.62
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1574

    Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setti... Read more

    • EPSS Score: %4.08
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-1551

    Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reb... Read more

    Affected Products : sophos_anti-virus
    • EPSS Score: %0.77
    • Published: May. 14, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291728 Results