Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0988

    Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.... Read more

    Affected Products : linux kde
    • EPSS Score: %7.32
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0055

    The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.... Read more

    Affected Products : tcpdump
    • EPSS Score: %31.32
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0992

    Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.... Read more

    Affected Products : mailman
    • EPSS Score: %0.52
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0061

    WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.... Read more

    Affected Products : www_file_share_pro
    • EPSS Score: %0.31
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0095

    McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %5.80
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1180

    Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).... Read more

    • EPSS Score: %0.76
    • Published: Feb. 16, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2082

    The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters.... Read more

    Affected Products : sami_ftp_server
    • EPSS Score: %5.88
    • Published: Feb. 13, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2088

    Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.... Read more

    Affected Products : sophos_anti-virus
    • EPSS Score: %5.69
    • Published: Feb. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1214

    Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions.... Read more

    Affected Products : ezcontents
    • EPSS Score: %0.42
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-2083

    Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."... Read more

    Affected Products : opera_browser
    • EPSS Score: %1.14
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2091

    Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.... Read more

    Affected Products : baseline_security_analyzer
    • EPSS Score: %14.43
    • Published: Feb. 10, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2080

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID.... Read more

    Affected Products : red-alert
    • EPSS Score: %0.79
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2093

    Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setu... Read more

    Affected Products : rsync
    • EPSS Score: %0.29
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2078

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffer overflow.... Read more

    Affected Products : red-alert
    • EPSS Score: %12.07
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2092

    eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.... Read more

    Affected Products : inoculateit
    • EPSS Score: %0.06
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2079

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.... Read more

    Affected Products : red-alert
    • EPSS Score: %1.22
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2077

    Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields.... Read more

    Affected Products : game_engine trackmania virtual_skipper
    • EPSS Score: %11.67
    • Published: Feb. 08, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2087

    Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user.... Read more

    Affected Products : sandsurfer
    • EPSS Score: %1.41
    • Published: Feb. 08, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1244

    Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."... Read more

    • EPSS Score: %42.54
    • Published: Feb. 08, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-2084

    Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter.... Read more

    Affected Products : jshop_server jshop_professional
    • EPSS Score: %0.87
    • Published: Feb. 07, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291647 Results