Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-1870

    Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' passwords via the (1) photo parameter to addfav.php, (2) photo parameter to comments.php, (3) credit parameter to comments.php, (4) cat par... Read more

    Affected Products : photopost_php_pro
    • EPSS Score: %0.78
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1872

    Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag.... Read more

    Affected Products : webct
    • EPSS Score: %0.42
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0993

    mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.... Read more

    Affected Products : http_server
    • EPSS Score: %13.90
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0126

    The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another j... Read more

    Affected Products : freebsd
    • EPSS Score: %0.07
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1009

    Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote at... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %1.08
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1010

    Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0444

    Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.... Read more

    Affected Products : gtksee
    • EPSS Score: %3.42
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0160

    Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.... Read more

    Affected Products : synaesthesia
    • EPSS Score: %0.05
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0194

    Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.... Read more

    Affected Products : acrobat_reader
    • EPSS Score: %18.00
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1008

    Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.07
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0607

    Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.... Read more

    Affected Products : xconq
    • EPSS Score: %0.08
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1006

    Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.35
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0828

    Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.... Read more

    Affected Products : freesweep
    • EPSS Score: %0.08
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0158

    Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.... Read more

    Affected Products : lbreakout2
    • EPSS Score: %0.26
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1871

    Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat param... Read more

    Affected Products : photopost_php_pro
    • EPSS Score: %10.68
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1862

    Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, r... Read more

    Affected Products : xmb
    • EPSS Score: %1.56
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1864

    SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.... Read more

    Affected Products : xmb
    • EPSS Score: %1.24
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1866

    nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, which triggers a null dereference.... Read more

    Affected Products : ip_over_dns_utility
    • EPSS Score: %7.05
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 4.8

    MEDIUM
    CVE-2004-1865

    Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allow... Read more

    Affected Products : bblog
    • EPSS Score: %0.42
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1861

    Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords.... Read more

    Affected Products : netsupport_school
    • EPSS Score: %0.08
    • Published: Mar. 25, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291274 Results