Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-0968

    Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API.... Read more

    Affected Products : etrust_intrusion_detection
    • EPSS Score: %0.66
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1159

    The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong ... Read more

    Affected Products : firefox mozilla
    • EPSS Score: %3.69
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0084

    Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.... Read more

    Affected Products : ethereal
    • EPSS Score: %2.32
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1054

    PHP remote file inclusion vulnerability in news.php in ModernBill 4.3.0 and earlier allows remote attackers to execute arbitrary PHP code by modifying the DIR parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : modernbill
    • EPSS Score: %2.41
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1221

    SQL injection vulnerability in login.asp for Ecommerce-Carts EcommPro 3.0 allows remote attackers to execute arbitrary SQL commands via the password field.... Read more

    Affected Products : ecommpro
    • EPSS Score: %0.58
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1364

    Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp.... Read more

    Affected Products : metabid_auctions
    • EPSS Score: %1.04
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1357

    text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.... Read more

    Affected Products : text.cgi
    • EPSS Score: %0.35
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1184

    The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" pa... Read more

    • EPSS Score: %44.26
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1198

    Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attackers to read arbitrary files via hex-encoded null characters (%00) in the middle of ".." sequences in the template parameter.... Read more

    Affected Products : foundation_directory
    • EPSS Score: %0.21
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0332

    Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or... Read more

    • EPSS Score: %1.63
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2005-0402

    Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.... Read more

    Affected Products : firefox
    • EPSS Score: %1.44
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0207

    Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.... Read more

    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1038

    crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0... Read more

    Affected Products : enterprise_linux vixie_cron
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1123

    Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.... Read more

    Affected Products : monkey
    • EPSS Score: %0.76
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1327

    Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.... Read more

    Affected Products : burning_board
    • EPSS Score: %0.35
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0435

    awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.... Read more

    Affected Products : awstats
    • EPSS Score: %4.26
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0390

    Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.... Read more

    Affected Products : axel axel
    • EPSS Score: %4.10
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1108

    The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request.... Read more

    Affected Products : internet_junkbuster
    • EPSS Score: %0.99
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0992

    Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter.... Read more

    Affected Products : phpmyadmin
    • EPSS Score: %10.16
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2005-0602

    Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.... Read more

    Affected Products : unzip
    • EPSS Score: %0.03
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 291812 Results