Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-1631

    booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs.... Read more

    Affected Products : booby
    • EPSS Score: %0.40
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1637

    Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php.... Read more

    Affected Products : npds
    • EPSS Score: %0.33
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1632

    Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.... Read more

    Affected Products : cheetah
    • EPSS Score: %0.05
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1638

    The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.... Read more

    Affected Products : safehtml
    • EPSS Score: %0.38
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1635

    JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain the full server path via direct requests to (1) jgs_portal_ref.php, (2) jgs_portal_land.php, (3) jgs_portal_log.php, (4) jgs_portal_global_sponsor.php, (5) jgs_portal_global.php, (6) jg... Read more

    Affected Products : jgs-portal
    • EPSS Score: %0.35
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1627

    Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the Viewglob display and ssh X forwarding," has unknown impact.... Read more

    Affected Products : viewglob
    • EPSS Score: %0.09
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1640

    mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass i... Read more

    Affected Products : ignitionserver
    • EPSS Score: %0.17
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1642

    SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.... Read more

    Affected Products : burning_board
    • EPSS Score: %0.51
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1633

    Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) anzahl_beitraege parameter to jgs_portal.php, 2) year parameter to (jgs_portal_statistik.php, 3) year parame... Read more

    Affected Products : jgs-portal
    • EPSS Score: %0.31
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1643

    The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers to cause a denial of service via a crafted UDP packet with a large size value, which causes a memory allocation error or an out-of-bounds read.... Read more

    Affected Products : zoidcom
    • EPSS Score: %0.54
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1641

    mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allows IRC users to cause a denial of service.... Read more

    Affected Products : ignitionserver
    • EPSS Score: %0.03
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1636

    mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.... Read more

    Affected Products : mysql mysql
    • EPSS Score: %0.02
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1639

    SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields.... Read more

    Affected Products : sigma_isp_manager
    • EPSS Score: %0.69
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1626

    Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code.... Read more

    Affected Products : pico_server
    • EPSS Score: %1.18
    • Published: May. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1367

    Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.... Read more

    Affected Products : pico_server
    • EPSS Score: %0.42
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-1605

    Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integra... Read more

    Affected Products : sitestudio
    • EPSS Score: %2.53
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1599

    Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subject Search Server (SSServer) 1.1 allows remote attackers to inject arbitrary web script or HTML via the "Search For" field.... Read more

    Affected Products : subject_search_server
    • EPSS Score: %0.35
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1601

    MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServe... Read more

    Affected Products : maximo_self_service
    • EPSS Score: %0.43
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1620

    Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a message.... Read more

    Affected Products : skull-splitter_guestbook
    • EPSS Score: %0.53
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-1613

    Cross-site scripting (XSS) vulnerability in member.php in Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to inject arbitrary web script or HTML via the reverse parameter in a list action.... Read more

    Affected Products : openbb
    • EPSS Score: %0.52
    • Published: May. 16, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291782 Results