Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-0714

    Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory co... Read more

    • EPSS Score: %2.86
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0719

    Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and ot... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %15.58
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0566

    Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %57.43
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0729

    PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message.... Read more

    Affected Products : phpbb
    • EPSS Score: %0.48
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0741

    LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow.... Read more

    Affected Products : www_file_share_pro
    • EPSS Score: %0.71
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0738

    Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0737

    Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (1... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.04
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0726

    The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.... Read more

    Affected Products : windows_2000
    • EPSS Score: %11.70
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2053

    PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter.... Read more

    Affected Products : easyins
    • EPSS Score: %2.47
    • Published: Jul. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2051

    The Phoenix browser in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allows local users to read arbitrary files via a file:/// URL.... Read more

    • EPSS Score: %0.51
    • Published: Jul. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2047

    Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter.... Read more

    Affected Products : easyweb_filemanager
    • EPSS Score: %7.54
    • Published: Jul. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1749

    Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.... Read more

    Affected Products : attack_mitigator
    • EPSS Score: %0.76
    • Published: Jul. 22, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-2055

    Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.... Read more

    Affected Products : phpbb
    • EPSS Score: %0.44
    • Published: Jul. 19, 2004
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2004-0486

    HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runs... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %8.88
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0420

    The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstra... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %55.06
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0422

    flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.... Read more

    Affected Products : enterprise_linux flim
    • EPSS Score: %0.08
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0434

    k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.... Read more

    Affected Products : debian_linux heimdal
    • EPSS Score: %22.37
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0411

    The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the ass... Read more

    Affected Products : konqueror
    • EPSS Score: %6.49
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0400

    Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.... Read more

    Affected Products : exim
    • EPSS Score: %6.39
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0426

    rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.... Read more

    Affected Products : rsync
    • EPSS Score: %2.43
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results