Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2005-1962

    Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php.... Read more

    Affected Products : cerberus_helpdesk
    • EPSS Score: %0.41
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2003

    Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message.... Read more

    Affected Products : ultimate_php_board
    • EPSS Score: %0.35
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-2032

    Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-1974

    Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to t... Read more

    Affected Products : j2se
    • EPSS Score: %1.02
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1265

    The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).... Read more

    Affected Products : linux_kernel enterprise_linux
    • EPSS Score: %0.06
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2026

    Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges.... Read more

    Affected Products : vertical_horizon-2402s
    • EPSS Score: %0.55
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1971

    Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the language parameter.... Read more

    Affected Products : fusionbb
    • EPSS Score: %0.44
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1949

    The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.... Read more

    Affected Products : e107
    • EPSS Score: %1.01
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1952

    Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory d... Read more

    Affected Products : pico_server
    • EPSS Score: %1.73
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2035

    SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the password.... Read more

    Affected Products : cool_cafe_chat
    • EPSS Score: %0.64
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1722

    Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.05
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2027

    Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry.... Read more

    Affected Products : vertical_horizon-2402s
    • EPSS Score: %0.30
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-2030

    Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.... Read more

    Affected Products : ultimate_php_board
    • EPSS Score: %1.54
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2031

    Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtop... Read more

    Affected Products : socialmpn
    • EPSS Score: %0.52
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-1973

    Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.... Read more

    Affected Products : j2se
    • EPSS Score: %0.41
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2036

    modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value.... Read more

    Affected Products : cool_cafe_chat
    • EPSS Score: %0.86
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1721

    Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.... Read more

    Affected Products : afp_server
    • EPSS Score: %0.88
    • Published: Jun. 16, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1996

    PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter.... Read more

    Affected Products : bitrix_site_manager
    • EPSS Score: %0.68
    • Published: Jun. 15, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-2002

    SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter.... Read more

    Affected Products : mambo
    • EPSS Score: %1.34
    • Published: Jun. 15, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1266

    Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.... Read more

    Affected Products : enterprise_linux spamassassin
    • EPSS Score: %6.73
    • Published: Jun. 15, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292387 Results