Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-0800

    PHP remote file inclusion vulnerability in install.php in mcNews 1.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the l parameter to reference a URL on a remote web server that contains the code, a different vulnerability... Read more

    Affected Products : mcnews
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0383

    Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password.... Read more

    Affected Products : control_manager
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0554

    Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulner... Read more

    Affected Products : internet_explorer
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0523

    Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.... Read more

    Affected Products : prozilla_download_accelerator
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0541

    consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter.... Read more

    Affected Products : alterpath_manager
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0532

    The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies betw... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0597

    Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection."... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0856

    CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability.... Read more

    Affected Products : coolforum
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0388

    Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising."... Read more

    Affected Products : remstats
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-0522

    Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.... Read more

    Affected Products : chat_anywhere
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0569

    Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php.... Read more

    Affected Products : punbb
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0530

    Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0378

    Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.... Read more

    Affected Products : horde
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0425

    Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving ... Read more

    Affected Products : websphere_application_server
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0526

    Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which... Read more

    Affected Products : pblang
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0568

    Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.... Read more

    Affected Products : soldier_of_fortune_2
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0817

    Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious si... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0390

    Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.... Read more

    Affected Products : axel axel
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0533

    Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a st... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-0660

    Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.... Read more

    Affected Products : d-forum
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 294289 Results