Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2004-2293

    Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Review... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.06
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2283

    Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache.... Read more

    Affected Products : dansguardian
    • EPSS Score: %0.22
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2280

    Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.... Read more

    Affected Products : lotus_notes
    • EPSS Score: %3.93
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2234

    Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators.... Read more

    Affected Products : moodle
    • EPSS Score: %0.39
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2217

    Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.... Read more

    Affected Products : ychat
    • EPSS Score: %0.91
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1767

    The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.07
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1792

    swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000).... Read more

    Affected Products : switch_off
    • EPSS Score: %6.56
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1812

    Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code.... Read more

    Affected Products : unicenter_tng
    • EPSS Score: %31.84
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2105

    The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.... Read more

    Affected Products : netware
    • EPSS Score: %0.13
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1844

    Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp.... Read more

    Affected Products : member_management_system
    • EPSS Score: %1.16
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2421

    Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights.... Read more

    • EPSS Score: %0.77
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1804

    wMCam server 2.1.348 allows remote attackers to cause a denial of service (no new connections) via multiple malformed HTTP requests without the GET command.... Read more

    Affected Products : wmcam_server
    • EPSS Score: %0.74
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2397

    The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.... Read more

    Affected Products : bluecoat_security_gateway
    • EPSS Score: %0.34
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1814

    Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read protected files via .. (dot dot) sequences in an HTTP request, as demonstrated using home.asp.... Read more

    Affected Products : vgw4_8_telephony_gateway
    • EPSS Score: %0.27
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1800

    Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access via a crafted URL and a certain cookie.... Read more

    Affected Products : simpledata
    • EPSS Score: %0.91
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1790

    Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL.... Read more

    Affected Products : full_rate_adsl_router
    • EPSS Score: %0.83
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2389

    Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.... Read more

    Affected Products : jabber_gadu-gadu_transport
    • EPSS Score: %1.27
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2505

    Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long ... Read more

    Affected Products : coldfusion
    • EPSS Score: %21.88
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2359

    Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality.... Read more

    • EPSS Score: %1.23
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2712

    Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."... Read more

    Affected Products : gyach_enhanced
    • EPSS Score: %0.52
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291783 Results