Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-1828

    Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php.... Read more

    Affected Products : vcard
    • EPSS Score: %3.06
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2613

    Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc... Read more

    Affected Products : linux-vserver
    • EPSS Score: %0.38
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-2369

    Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.... Read more

    Affected Products : lotus_domino
    • EPSS Score: %0.26
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 6.0

    MEDIUM
    CVE-2004-1389

    Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitra... Read more

    Affected Products : netbackup
    • EPSS Score: %35.32
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-2103

    Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the Use... Read more

    Affected Products : netware
    • EPSS Score: %0.18
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2344

    Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW120 and VGW480 allows remote attackers to cause a denial of service.... Read more

    • EPSS Score: %3.84
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1410

    Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-... Read more

    Affected Products : gadu-gadu_instant_messenger
    • EPSS Score: %0.46
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2004-2345

    Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.... Read more

    Affected Products : database_server
    • EPSS Score: %0.77
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-2335

    The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain ... Read more

    Affected Products : contribute studio
    • EPSS Score: %0.01
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-2642

    Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender.... Read more

    Affected Products : yeemp
    • EPSS Score: %0.60
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-2645

    Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."... Read more

    Affected Products : asn.1_compiler
    • EPSS Score: %0.62
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1483

    Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.... Read more

    Affected Products : clientless_vpn_gateway_4400
    • EPSS Score: %3.04
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2004-2652

    The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null der... Read more

    Affected Products : snort
    • EPSS Score: %22.66
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1395

    The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a d... Read more

    • EPSS Score: %12.48
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-2017

    Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request... Read more

    Affected Products : turbotraffictrader_c
    • EPSS Score: %9.50
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2004-2694

    Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".... Read more

    Affected Products : outlook_express
    • EPSS Score: %17.27
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2706

    Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.... Read more

    Affected Products : gyach_enhanced
    • EPSS Score: %0.47
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2708

    Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file.... Read more

    Affected Products : gyach_enhanced
    • EPSS Score: %0.26
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2716

    Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastCheck , and (6) R parameters.... Read more

    Affected Products : phpmychat
    • EPSS Score: %0.54
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2004-2724

    LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character.... Read more

    Affected Products : chat_anywhere
    • EPSS Score: %0.95
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291647 Results