Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2005-1194

    Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.... Read more

    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1335

    Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 4.9

    MEDIUM
    CVE-2005-1330

    AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1340

    The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.... Read more

    Affected Products : mac_os_x
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1332

    Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1336

    Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.... Read more

    Affected Products : mac_os_x
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1339

    lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1337

    Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0676

    index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability.... Read more

    Affected Products : zorum
    • Published: May. 04, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1410

    The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a de... Read more

    Affected Products : postgresql secure_linux
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1409

    PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."... Read more

    Affected Products : postgresql
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1376

    Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files.... Read more

    Affected Products : claroline
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1382

    The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter.... Read more

    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1379

    The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.... Read more

    Affected Products : mandrake_lam-runtime
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1435

    Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.... Read more

    Affected Products : open_webmail
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-1443

    Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters.... Read more

    Affected Products : invision_power_board
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1825

    Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameter... Read more

    Affected Products : radia_client
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1343

    Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1370

    Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors.... Read more

    Affected Products : openview_radia_management_portal
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1378

    SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors.... Read more

    Affected Products : phpbb_personal_notes_module
    • Published: May. 03, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 294842 Results