Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2004-1365

    Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.... Read more

    • EPSS Score: %0.40
    • Published: Aug. 04, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1706

    The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string.... Read more

    Affected Products : usr808054
    • EPSS Score: %2.96
    • Published: Aug. 02, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1708

    Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections.... Read more

    Affected Products : webbsyte_chat
    • EPSS Score: %0.65
    • Published: Aug. 02, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1704

    WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory.... Read more

    Affected Products : wpquiz
    • EPSS Score: %0.72
    • Published: Jul. 30, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1705

    Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.... Read more

    Affected Products : ux
    • EPSS Score: %24.08
    • Published: Jul. 30, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1707

    The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privi... Read more

    • EPSS Score: %12.30
    • Published: Jul. 30, 2004
    • Modified: Apr. 03, 2025

  • 8.8

    HIGH
    CVE-2004-1703

    Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is executed when the administrator's browser loads the page... Read more

    Affected Products : fusion_news
    • EPSS Score: %0.57
    • Published: Jul. 30, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-2064

    Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the (1) Email or (2) Website fields.... Read more

    Affected Products : lostbook
    • EPSS Score: %0.68
    • Published: Jul. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2066

    SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies.... Read more

    Affected Products : linpha
    • EPSS Score: %0.97
    • Published: Jul. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2067

    SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters.... Read more

    Affected Products : jaws
    • EPSS Score: %1.91
    • Published: Jul. 29, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0736

    The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0718

    The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attac... Read more

    Affected Products : mozilla navigator firebird
    • EPSS Score: %1.91
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0600

    Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.... Read more

    Affected Products : samba secure_linux
    • EPSS Score: %59.61
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0702

    DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password in an error message when the SQL server is not running, which could allow remote attackers to gain sensitive information.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.39
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0720

    Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.... Read more

    Affected Products : safari
    • EPSS Score: %0.53
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0730

    Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject arbitrary web script or HTML via (1) the cat_title parameter in index.php, (2) the faq[0][0] parameter in lang_faq.php as accessible from faq.php, or (3) t... Read more

    Affected Products : phpbb
    • EPSS Score: %1.63
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0735

    Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such... Read more

    Affected Products : medal_of_honor_allied_assault
    • EPSS Score: %74.36
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0707

    SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.50
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0734

    Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.... Read more

    Affected Products : extropia_webstore
    • EPSS Score: %10.25
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0717

    Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.... Read more

    Affected Products : linux_kernel opera_browser windows
    • EPSS Score: %0.62
    • Published: Jul. 27, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291659 Results