Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-1625

    pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop and clicking restart or shutdown.... Read more

    Affected Products : pgina
    • EPSS Score: %0.74
    • Published: Oct. 22, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1627

    Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.... Read more

    Affected Products : ability_server
    • EPSS Score: %16.73
    • Published: Oct. 22, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1626

    Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.... Read more

    Affected Products : ability_server
    • EPSS Score: %73.36
    • Published: Oct. 22, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1623

    The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF.... Read more

    Affected Products : windows_xp
    • EPSS Score: %38.70
    • Published: Oct. 22, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1622

    SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter.... Read more

    Affected Products : ubb.threads
    • EPSS Score: %0.33
    • Published: Oct. 21, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1620

    CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer f... Read more

    Affected Products : serendipity
    • EPSS Score: %8.35
    • Published: Oct. 21, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1624

    Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button... Read more

    Affected Products : carbon_copy
    • EPSS Score: %0.05
    • Published: Oct. 21, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-0792

    Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.... Read more

    Affected Products : rsync
    • EPSS Score: %0.84
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0754

    Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.... Read more

    Affected Products : enterprise_linux gaim
    • EPSS Score: %5.60
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0688

    Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malfo... Read more

    Affected Products : suse_linux openbsd x11r6 x11r6
    • EPSS Score: %16.03
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0753

    The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.... Read more

    Affected Products : gdkpixbuf gtk
    • EPSS Score: %12.04
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0783

    Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ... Read more

    Affected Products : gdkpixbuf gtk
    • EPSS Score: %30.60
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0785

    Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL... Read more

    Affected Products : enterprise_linux gaim
    • EPSS Score: %6.30
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0787

    Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields.... Read more

    Affected Products : openca
    • EPSS Score: %0.38
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0798

    Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.... Read more

    Affected Products : whatsup_gold whatsup_gold
    • EPSS Score: %72.64
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0777

    Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code.... Read more

    Affected Products : courier-imap
    • EPSS Score: %15.92
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1380

    Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing ... Read more

    Affected Products : firefox mozilla
    • EPSS Score: %14.50
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1381

    Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other site... Read more

    Affected Products : firefox mozilla
    • EPSS Score: %13.49
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1016

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplic... Read more

    • EPSS Score: %0.34
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1015

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.... Read more

    • EPSS Score: %0.34
    • Published: Oct. 20, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 292275 Results