Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2004-1933

    Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages.... Read more

    Affected Products : ux
    • EPSS Score: %0.07
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1925

    Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ran... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %0.42
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1060

    Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Se... Read more

    Affected Products : tcp icmp
    • EPSS Score: %59.91
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1928

    The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL.... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %6.84
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1930

    Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.17
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1932

    SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-1922

    Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %5.10
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1923

    Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the w... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %6.16
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1927

    Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %4.58
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1924

    Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the (1) theme parameter to tiki-switch_theme.php, (2) find and priority parameters... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %0.49
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1926

    Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or the (5) Name, (6) Description, (7) URL, or (8) Country ... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %3.83
    • Published: Apr. 11, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1921

    X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access.... Read more

    • EPSS Score: %1.09
    • Published: Apr. 10, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1920

    X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access.... Read more

    • EPSS Score: %0.90
    • Published: Apr. 10, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1918

    RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large number of connections with a command other than AUTHENTICATE, or without any data, which prevents the socket from being closed properly.... Read more

    Affected Products : rsniff
    • EPSS Score: %0.91
    • Published: Apr. 09, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1919

    The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings.... Read more

    Affected Products : crackalaka
    • EPSS Score: %4.89
    • Published: Apr. 09, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1917

    Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable.... Read more

    Affected Products : lcdproc
    • EPSS Score: %4.94
    • Published: Apr. 08, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1915

    Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments.... Read more

    Affected Products : lcdproc
    • EPSS Score: %27.82
    • Published: Apr. 08, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1916

    Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to execute arbitrary code via (1) a long invalid command to parse_all_client_messages function, or (2) long argv command to test_func_func f... Read more

    Affected Products : lcdproc
    • EPSS Score: %8.03
    • Published: Apr. 08, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1357

    The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.... Read more

    Affected Products : solaris
    • EPSS Score: %4.98
    • Published: Apr. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1986

    Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.... Read more

    Affected Products : php-nuke coppermine_photo_gallery
    • EPSS Score: %0.11
    • Published: Apr. 04, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291269 Results