Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2005-1242

    Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request.... Read more

    Affected Products : global_security
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-0704

    Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.... Read more

    Affected Products : enterprise_linux ethereal
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-0707

    Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command.... Read more

    Affected Products : ipswitch_collaboration_suite
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-0459

    phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.... Read more

    Affected Products : phpmyadmin
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1302

    SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.... Read more

    Affected Products : confixx
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2005-1286

    Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.... Read more

    Affected Products : bitdefender_antivirus
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2005-1187

    Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely t... Read more

    Affected Products : winhex
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1132

    LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file.... Read more

    Affected Products : lg_mobile_phone
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1183

    Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter.... Read more

    Affected Products : mvnforum
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-1129

    eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient.... Read more

    Affected Products : egroupware
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1237

    SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbitrary SQL commands via the newsid parameter.... Read more

    Affected Products : flexphpnews
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1226

    Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote attackers to obtain sensitive information.... Read more

    Affected Products : coppermine_photo_gallery
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1133

    The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server.... Read more

    Affected Products : iseries_as_400
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1353

    The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument.... Read more

    Affected Products : forum.pl
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2005-1131

    Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact.... Read more

    Affected Products : i3_focalpoint_server
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1116

    Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php.... Read more

    Affected Products : phpbb
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1080

    Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.... Read more

    Affected Products : sdk
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1232

    Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : java_system_web_proxy_server
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1191

    The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constru... Read more

    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1068

    Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags.... Read more

    Affected Products : scssboard
    • Published: May. 02, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 294421 Results