Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2005-0993

    Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.... Read more

    Affected Products : openserver
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0958

    Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.... Read more

    Affected Products : mtftpd
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0917

    PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the root parameter.... Read more

    Affected Products : encapsbb
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0965

    The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.... Read more

    Affected Products : enterprise_linux gaim
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0812

    The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information.... Read more

    Affected Products : notifylink
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0910

    Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php.... Read more

    Affected Products : e-xoops
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2005-0894

    OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp.... Read more

    Affected Products : openmosixview
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0854

    betaparticle blog (bp blog), posisbly before version 4, allows remote attackers to bypass authentication and (1) upload files via a direct request to upload.asp or (2) delete files via a direct request to myFiles.asp.... Read more

    Affected Products : betaparticle_blog
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0817

    Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious si... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0852

    Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3.... Read more

    Affected Products : windows_xp
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1015

    Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.... Read more

    Affected Products : imapd
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0856

    CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability.... Read more

    Affected Products : coolforum
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0975

    Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafte... Read more

    Affected Products : mac_os_x mac_os_x_server darwin_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0862

    Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter to (1) poc_loginform.php or (2) phpbb/poc.php, the poc_root_path parameter to (3) ph... Read more

    Affected Products : phpopenchat
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0830

    Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors.... Read more

    Affected Products : dyndnsupdate
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0853

    betaparticle blog (bp blog) stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to (1) dbBlogMX.mdb for versions before 3.0, or (2) Blog.mdb for versions 3.0 and later. NOTE: it was l... Read more

    Affected Products : betaparticle_blog
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1309

    Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.... Read more

    Affected Products : bblog bblog
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0213

    Directory traversal vulnerability in WinHKI 1.4d allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a zip file.... Read more

    Affected Products : winhki
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1319

    Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.... Read more

    Affected Products : imp
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0275

    TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) via a GET request containing an MS-DOS device name.... Read more

    Affected Products : 3cdaemon
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 292836 Results