Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-0224

    Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."... Read more

    Affected Products : linux courier_mta courier-imap sqwebmail
    • EPSS Score: %3.68
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0121

    Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execut... Read more

    Affected Products : office outlook
    • EPSS Score: %51.47
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0107

    The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.... Read more

    Affected Products : propack sysstat sysstat
    • EPSS Score: %0.07
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0592

    Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outsid... Read more

    Affected Products : konqueror konqueror_embedded
    • EPSS Score: %0.83
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.0

    HIGH
    CVE-2004-0217

    The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.... Read more

    Affected Products : linux antivirus_scan_engine
    • EPSS Score: %0.13
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0362

    Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI respon... Read more

    • EPSS Score: %83.40
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0363

    Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method... Read more

    Affected Products : norton_antispam
    • EPSS Score: %72.68
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1033

    The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via ... Read more

    Affected Products : sap_db
    • EPSS Score: %0.04
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0108

    The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.... Read more

    Affected Products : propack sysstat sysstat
    • EPSS Score: %0.08
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0150

    Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.... Read more

    Affected Products : python
    • EPSS Score: %8.89
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0151

    Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.... Read more

    Affected Products : xitalk
    • EPSS Score: %0.06
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0372

    xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.... Read more

    Affected Products : xine
    • EPSS Score: %0.10
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1040

    kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Apr. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1936

    ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters.... Read more

    Affected Products : zonealarm
    • EPSS Score: %0.36
    • Published: Apr. 14, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1944

    Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.... Read more

    Affected Products : eudora
    • EPSS Score: %3.92
    • Published: Apr. 14, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1939

    Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.... Read more

    Affected Products : zaep_antispam
    • EPSS Score: %0.88
    • Published: Apr. 14, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1756

    BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other user... Read more

    Affected Products : weblogic_server
    • EPSS Score: %1.80
    • Published: Apr. 13, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1929

    SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.13
    • Published: Apr. 13, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1758

    BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.12
    • Published: Apr. 13, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1930

    Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.17
    • Published: Apr. 12, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291728 Results