Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-2516

    Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : mac_os_x safari
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2503

    AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2514

    Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.... Read more

    Affected Products : mac_os_x
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2521

    Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.... Read more

    Affected Products : mac_os_x
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2512

    Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.... Read more

    Affected Products : mac_os_x mail
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2005-2501

    Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2520

    The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.... Read more

    Affected Products : mac_os_x
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2626

    Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.... Read more

    Affected Products : kismet
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2510

    The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall polici... Read more

    Affected Products : mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-2502

    Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2627

    Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows.... Read more

    Affected Products : kismet
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-2508

    dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-2504

    The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2518

    Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.... Read more

    Affected Products : mac_os_x
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2507

    Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.... Read more

    Affected Products : mac_os_x_server
    • Published: Aug. 19, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2612

    Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.... Read more

    Affected Products : wordpress
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2600

    FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.... Read more

    Affected Products : fudforum
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2609

    index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.... Read more

    Affected Products : vegadns
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2594

    Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.... Read more

    Affected Products : safari
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-2593

    Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors.... Read more

    Affected Products : mindalign
    • Published: Aug. 17, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292801 Results