Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-1351

    The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.... Read more

    Affected Products : ad.cgi
    • EPSS Score: %0.90
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1350

    The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.... Read more

    Affected Products : ad.cgi
    • EPSS Score: %0.35
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1028

    PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error messag... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.35
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-0855

    CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via direct requests to (1) entete.php, (2) profile_accueil.php, (3) profile_mdp.php, (4) profile_notify.php, (5) profile_options.php, (6) profile_perso.php, (7) ... Read more

    Affected Products : coolforum
    • EPSS Score: %1.21
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0279

    Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet.... Read more

    Affected Products : soldner_secret_wars
    • EPSS Score: %0.92
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0272

    ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.... Read more

    Affected Products : reviewpost_php_pro
    • EPSS Score: %3.48
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-0183

    ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.... Read more

    Affected Products : vacation_plugin
    • EPSS Score: %0.07
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0195

    Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.... Read more

    Affected Products : ios
    • EPSS Score: %2.00
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0252

    SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.... Read more

    Affected Products : biborb
    • EPSS Score: %0.84
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0303

    Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error parameter.... Read more

    Affected Products : comersus_backoffice_lite
    • EPSS Score: %0.34
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0147

    Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.... Read more

    Affected Products : firefox mozilla
    • EPSS Score: %1.13
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0286

    eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file.... Read more

    Affected Products : mediapartner_web_server
    • EPSS Score: %0.43
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0278

    The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message.... Read more

    Affected Products : 3cdaemon
    • EPSS Score: %0.46
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-0065

    The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attack... Read more

    Affected Products : tcp
    • EPSS Score: %1.06
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0248

    The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.57
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0225

    firehol.sh in FireHOL before 1.224 creates temporary files with predictable file names, which could allow local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : firehol
    • EPSS Score: %0.08
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0324

    Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain sensitive information via an HTTP request that contains invalid characters for a Windows foldername, which reveals the path in an error message.... Read more

    Affected Products : infinite_mobile_delivery_webmail
    • EPSS Score: %0.53
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0281

    Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or quoted when the administrator views the server logs.... Read more

    Affected Products : soldner_secret_wars
    • EPSS Score: %0.41
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0185

    Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.... Read more

    Affected Products : nodemanager_professional
    • EPSS Score: %4.18
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0254

    BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some ... Read more

    Affected Products : biborb
    • EPSS Score: %0.70
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292507 Results