Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-1741

    Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to cause a denial of service (infinite loop) via malformed data.... Read more

    Affected Products : halo_combat_evolved
    • EPSS Score: %8.72
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1706

    Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.... Read more

    Affected Products : mailscanner
    • EPSS Score: %0.31
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1716

    TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses.... Read more

    Affected Products : topo
    • EPSS Score: %0.42
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1718

    Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname.... Read more

    Affected Products : war_times
    • EPSS Score: %5.13
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2005-1699

    Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.... Read more

    Affected Products : postnuke
    • EPSS Score: %0.33
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1748

    The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote attackers to view user entries or cause a denial of service.... Read more

    Affected Products : weblogic_server weblogic_portal
    • EPSS Score: %0.75
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1698

    PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct request to (1) theme.php or (2) Xanthia.php in the Xanthia module, (3) user.php, (4) thelang.php, (5) text.php, (6) html.php, (7) menu.php, (8) finclude.php, ... Read more

    Affected Products : postnuke
    • EPSS Score: %0.32
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1711

    Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.... Read more

    Affected Products : clamav squid gibraltar_firewall
    • EPSS Score: %0.04
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1719

    Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses.... Read more

    Affected Products : avast_antivirus
    • EPSS Score: %0.47
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1735

    Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.... Read more

    Affected Products : proms
    • EPSS Score: %0.34
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1709

    Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.... Read more

    Affected Products : reporter
    • EPSS Score: %3.78
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1717

    ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remote attackers to cause a denial of service (CPU consumption and network loss) via crafted fragmented IP packets.... Read more

    Affected Products : prestige_650r-31
    • EPSS Score: %0.92
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1715

    Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in... Read more

    Affected Products : topo
    • EPSS Score: %0.67
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1736

    PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.... Read more

    Affected Products : proms
    • EPSS Score: %0.39
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1692

    Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.... Read more

    Affected Products : gxine
    • EPSS Score: %1.96
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1704

    Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section h... Read more

    Affected Products : gdb
    • EPSS Score: %0.22
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1739

    The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.... Read more

    Affected Products : imagemagick graphicsmagick
    • EPSS Score: %12.13
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1710

    Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in t... Read more

    Affected Products : reporter
    • EPSS Score: %0.53
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1737

    Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify the project member list or (2) modify the todos list.... Read more

    Affected Products : proms
    • EPSS Score: %0.53
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1701

    SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.... Read more

    Affected Products : portailphp
    • EPSS Score: %0.33
    • Published: May. 24, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291908 Results