Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2004-0543

    Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.... Read more

    Affected Products : e-business_suite applications
    • EPSS Score: %6.03
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0215

    Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.... Read more

    • EPSS Score: %44.46
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0580

    DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.... Read more

    • EPSS Score: %7.65
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0201

    Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerabi... Read more

    • EPSS Score: %45.13
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0661

    Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thi... Read more

    Affected Products : di-604 di-614\+ di-624
    • EPSS Score: %1.41
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0530

    The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.... Read more

    Affected Products : slackware_linux
    • EPSS Score: %0.06
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0658

    Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0654

    Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.13
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0664

    Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter.... Read more

    Affected Products : powerportal
    • EPSS Score: %4.31
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0525

    HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.... Read more

    Affected Products : integrated_lights-out_firmware
    • EPSS Score: %0.80
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0453

    Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string.... Read more

    Affected Products : vice
    • EPSS Score: %0.07
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0651

    Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).... Read more

    Affected Products : jre sdk
    • EPSS Score: %4.62
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0648

    Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.... Read more

    Affected Products : firefox thunderbird mozilla
    • EPSS Score: %22.51
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0450

    Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.... Read more

    Affected Products : log2mail
    • EPSS Score: %8.98
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0524

    Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.... Read more

    Affected Products : change_passwd
    • EPSS Score: %3.73
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0667

    Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.... Read more

    Affected Products : linux rule_set_based_access_control
    • EPSS Score: %0.15
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0674

    Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set.... Read more

    Affected Products : xsr-1805 xsr-1850 xsr-3000
    • EPSS Score: %0.76
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0652

    BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.10
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0673

    Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message.... Read more

    Affected Products : sci_photo_chat
    • EPSS Score: %0.40
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0668

    Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment.... Read more

    Affected Products : lotus_domino
    • EPSS Score: %4.72
    • Published: Aug. 06, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291890 Results