Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-0644

    The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.... Read more

    Affected Products : kerberos_5
    • EPSS Score: %8.58
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0408

    Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.... Read more

    Affected Products : ident2
    • EPSS Score: %3.42
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1583

    Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %0.27
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0163

    Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.... Read more

    Affected Products : secure_enterprise
    • EPSS Score: %0.74
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1052

    IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.... Read more

    Affected Products : db2 db2_universal_database
    • EPSS Score: %0.37
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0458

    mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.... Read more

    Affected Products : debian_linux mah-jong
    • EPSS Score: %2.15
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0699

    Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed A... Read more

    Affected Products : vpn-1 firewall-1 vpn-1_firewall-1
    • EPSS Score: %19.80
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0558

    The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.... Read more

    Affected Products : cups
    • EPSS Score: %8.77
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0642

    Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.... Read more

    • EPSS Score: %25.80
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0692

    The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.... Read more

    Affected Products : qt
    • EPSS Score: %2.24
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0500

    Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy ca... Read more

    • EPSS Score: %3.26
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0629

    Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %20.76
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0593

    Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules.... Read more

    Affected Products : enforcer secure_enterprise
    • EPSS Score: %0.53
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0105

    ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.... Read more

    Affected Products : servermask
    • EPSS Score: %0.64
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1049

    IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %0.05
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0929

    Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.... Read more

    Affected Products : mailsweeper
    • EPSS Score: %0.31
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0931

    Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999.... Read more

    Affected Products : enforcer
    • EPSS Score: %0.74
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0930

    Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.... Read more

    Affected Products : mailsweeper
    • EPSS Score: %0.17
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2004-0689

    KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.... Read more

    Affected Products : debian_linux kde
    • EPSS Score: %0.03
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0457

    The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : mysql
    • EPSS Score: %0.11
    • Published: Sep. 28, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291616 Results