Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2004-0536

    Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.... Read more

    Affected Products : tripwire
    • EPSS Score: %0.08
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0683

    Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories.... Read more

    Affected Products : norton_antivirus
    • EPSS Score: %4.16
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0663

    Cross-site scripting (XSS) vulnerability in modules.php in PowerPortal 1.x allows remote attackers to inject arbitrary script or HTML via the (1) id parameter to the (a) private_messages module; (2) search parameter to the (b) links and (c) content module... Read more

    Affected Products : powerportal
    • EPSS Score: %0.83
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0542

    PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to ... Read more

    Affected Products : php
    • EPSS Score: %7.68
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0549

    The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %71.70
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0670

    Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password.... Read more

    Affected Products : prestige
    • EPSS Score: %0.76
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0676

    Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows remote attackers to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter.... Read more

    Affected Products : netfile_ftp_web_server
    • EPSS Score: %3.12
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0528

    Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates ... Read more

    Affected Products : navigator
    • EPSS Score: %3.06
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0662

    PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.... Read more

    Affected Products : powerportal
    • EPSS Score: %0.48
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0675

    Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command.... Read more

    Affected Products : cart32
    • EPSS Score: %4.08
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0586

    acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.... Read more

    Affected Products : acprunner
    • EPSS Score: %5.62
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0671

    Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other users by modifying the id parameter in a viewMsgDetails.do request.... Read more

    Affected Products : brightmail_antispam
    • EPSS Score: %4.68
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0526

    Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the maliciou... Read more

    • EPSS Score: %51.34
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0672

    Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressio... Read more

    Affected Products : identityminder policy_server
    • EPSS Score: %0.35
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0453

    Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string.... Read more

    Affected Products : vice
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0680

    Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.... Read more

    Affected Products : model_5560_x3_ethernet_adsl_modem
    • EPSS Score: %0.93
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0137

    Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."... Read more

    Affected Products : irix
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1712

    Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter.... Read more

    Affected Products : typepad
    • EPSS Score: %0.34
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0535

    The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sour... Read more

    • EPSS Score: %0.09
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0659

    Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.... Read more

    Affected Products : mplayer
    • EPSS Score: %4.45
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291419 Results