Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2004-1861

    Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords.... Read more

    Affected Products : netsupport_school
    • EPSS Score: %0.08
    • Published: Mar. 25, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1868

    Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a long STREAMQUOTE tag.... Read more

    Affected Products : esignal
    • EPSS Score: %23.30
    • Published: Mar. 25, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1849

    Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.... Read more

    Affected Products : cpanel
    • EPSS Score: %0.68
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1854

    Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet.... Read more

    Affected Products : internet_telephone
    • EPSS Score: %22.73
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1859

    Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    • EPSS Score: %14.67
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1856

    devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.... Read more

    Affected Products : web_jetadmin
    • EPSS Score: %21.67
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2037

    Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an inte... Read more

    Affected Products : lightweight_ftp_server
    • EPSS Score: %22.70
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1857

    Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.... Read more

    Affected Products : web_jetadmin
    • EPSS Score: %78.04
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1851

    Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing.... Read more

    Affected Products : mini_remote_control_server
    • EPSS Score: %0.77
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1850

    The Rage 1.01 and earlier allows remote attackers to cause a denial of service (infinite loop) via a TCP packet with the port and IP address set to zero.... Read more

    Affected Products : the_rage
    • EPSS Score: %1.13
    • Published: Mar. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1855

    Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.... Read more

    Affected Products : dark_age_of_camelot
    • EPSS Score: %3.79
    • Published: Mar. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1852

    DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.... Read more

    Affected Products : dameware_mini_remote_control
    • EPSS Score: %0.26
    • Published: Mar. 23, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1884

    Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.... Read more

    Affected Products : ws_ftp_pro ws_ftp_server ws_ftp_server
    • EPSS Score: %0.30
    • Published: Mar. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1838

    Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : xweb
    • EPSS Score: %12.87
    • Published: Mar. 22, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1840

    Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby param... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Mar. 22, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1839

    MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Mar. 22, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1847

    News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.... Read more

    Affected Products : news_manager_lite
    • EPSS Score: %5.35
    • Published: Mar. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1843

    SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp.... Read more

    Affected Products : member_management_system
    • EPSS Score: %0.67
    • Published: Mar. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1833

    The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.... Read more

    Affected Products : interbase
    • EPSS Score: %0.43
    • Published: Mar. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1846

    Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.... Read more

    Affected Products : news_manager_lite
    • EPSS Score: %1.78
    • Published: Mar. 20, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291275 Results