Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2004-1271

    Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file.... Read more

    Affected Products : dxf_file_format_viewer
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1256

    Multiple buffer overflows in the (1) event_text and (2) event_specific functions in abc2midi 2004.12.04 allow remote attackers to execute arbitrary code via crafted ABC files.... Read more

    Affected Products : abcmidi
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1138

    VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax... Read more

    Affected Products : enterprise_linux vim
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1199

    Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.... Read more

    Affected Products : safari
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1233

    Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length.... Read more

    Affected Products : gadu-gadu_instant_messenger
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-1106

    Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.... Read more

    Affected Products : gallery linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1137

    Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1022

    Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords by extracting the secret key from with... Read more

    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1314

    Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window i... Read more

    Affected Products : safari
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1295

    The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a deni... Read more

    Affected Products : uml-utilities
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1260

    Multiple buffer overflows in the (1) write_heading function in subs.cpp or (2) trim_title function in parse.cpp for abctab2ps 1.6.3 allow remote attackers to execute arbitrary code via crafted ABC files.... Read more

    Affected Products : abctab2ps
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1283

    Buffer overflow in the Mesh::type method in mesh.c for the mview program in Mesh Viewer 0.2.2 allows remote attackers to execute arbitrary code via crafted mesh files.... Read more

    Affected Products : mesh_viewer
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1276

    IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.... Read more

    Affected Products : iglooftp
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1273

    Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename.... Read more

    Affected Products : greed
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1280

    The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename.... Read more

    Affected Products : junkie_ftp_client
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1268

    lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.... Read more

    Affected Products : cups fedora_core
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1265

    Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file.... Read more

    Affected Products : convex_3d
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1263

    changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious "make" program.... Read more

    Affected Products : changepassword
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1148

    phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.... Read more

    Affected Products : phpmyadmin
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1111

    Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to ... Read more

    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results