Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-0333

    LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) via a malformed UDP packet.... Read more

    Affected Products : lanchat_pro_revival
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0377

    SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.... Read more

    Affected Products : sgallery
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0334

    Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device crash) via an HTTP POST request containing an unknown parameter without a value.... Read more

    Affected Products : psus4_printserver
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0895

    Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets.... Read more

    Affected Products : nb1300
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0864

    The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows remote attackers to read arbitrary files via a full pathname in the HTTP request.... Read more

    Affected Products : samsung_adsl_modem
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1076

    Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field.... Read more

    Affected Products : webct
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0909

    PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers to execute arbitrary PHP code via the query parameter.... Read more

    Affected Products : tkais_shoutbox
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0463

    Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in (1) host.php, (2) port.php, and (3) index.php.... Read more

    Affected Products : ulog-php
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1197

    SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.... Read more

    Affected Products : database_server
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0979

    Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field.... Read more

    Affected Products : rumba
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1165

    Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data.... Read more

    Affected Products : yager_game
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1352

    Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.... Read more

    Affected Products : ad.cgi
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1084

    SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter.... Read more

    Affected Products : aedating
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1048

    SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750.... Read more

    Affected Products : postnuke
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1358

    text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.... Read more

    Affected Products : text.cgi
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1063

    The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "c... Read more

    • Published: Apr. 29, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0415

    Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a denial of service (memory consumption) via malformed MQL statements.... Read more

    Affected Products : emdros_database_engine
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2005-0420

    Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.... Read more

    Affected Products : exchange_server
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2005-0085

    Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.... Read more

    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1488

    wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.... Read more

    Affected Products : wget
    • Published: Apr. 27, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 294071 Results