Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2004-1827

    Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.... Read more

    Affected Products : yabb simple_machines_smf
    • EPSS Score: %0.87
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1822

    Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_REFERER parameter to login.php, (2) HTTP_REFERER parameter to register.php, or (3) target p... Read more

    Affected Products : phorum
    • EPSS Score: %1.30
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0172

    Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a ... Read more

    Affected Products : ltrace
    • EPSS Score: %0.05
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1816

    Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).... Read more

    Affected Products : one_application_server coldfusion jrun
    • EPSS Score: %1.73
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0168

    Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %1.22
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0190

    Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.... Read more

    • EPSS Score: %0.75
    • Published: Mar. 15, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1358

    The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.... Read more

    Affected Products : solaris
    • EPSS Score: %0.54
    • Published: Mar. 12, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1769

    The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.... Read more

    Affected Products : cpanel
    • EPSS Score: %4.39
    • Published: Mar. 11, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-1770

    The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.... Read more

    Affected Products : cpanel
    • EPSS Score: %11.89
    • Published: Mar. 11, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1199

    Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbitrary web script or HTML via the URL.... Read more

    Affected Products : myproxy
    • EPSS Score: %1.16
    • Published: Mar. 11, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1359

    Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.09
    • Published: Mar. 04, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0008

    Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.... Read more

    Affected Products : linux gaim ultramagnetic
    • EPSS Score: %19.18
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0002

    The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets wit... Read more

    Affected Products : freebsd
    • EPSS Score: %1.27
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0132

    Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[languag... Read more

    Affected Products : ezcontents
    • EPSS Score: %1.44
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0106

    Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.... Read more

    Affected Products : openbsd x11r6
    • EPSS Score: %0.05
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0077

    The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local user... Read more

    • EPSS Score: %0.11
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0006

    Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo lo... Read more

    Affected Products : linux gaim ultramagnetic
    • EPSS Score: %16.55
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0818

    Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings ... Read more

    • EPSS Score: %89.65
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0104

    Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.... Read more

    • EPSS Score: %49.81
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0078

    Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.... Read more

    Affected Products : mutt
    • EPSS Score: %5.66
    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291526 Results