Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2003-1027

    Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonst... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %60.93
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2127

    Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable.... Read more

    Affected Products : web_blog
    • EPSS Score: %8.56
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0032

    Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter.... Read more

    Affected Products : phpgedview
    • EPSS Score: %0.74
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1024

    Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.07
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1028

    The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on ran... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %14.92
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0031

    PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.... Read more

    Affected Products : phpgedview
    • EPSS Score: %0.74
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2003-1026

    Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %59.28
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0029

    Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.... Read more

    Affected Products : lotus_domino
    • EPSS Score: %0.05
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0035

    SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.... Read more

    Affected Products : phorum
    • EPSS Score: %0.62
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0985

    The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a rem... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.66
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0011

    Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.... Read more

    Affected Products : fsp
    • EPSS Score: %4.26
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1023

    Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.... Read more

    Affected Products : midnight_commander
    • EPSS Score: %8.28
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0969

    mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.... Read more

    Affected Products : mpg321
    • EPSS Score: %2.47
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1022

    Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.... Read more

    Affected Products : fsp
    • EPSS Score: %1.27
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 6.0

    MEDIUM
    CVE-2003-0904

    Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication met... Read more

    • EPSS Score: %26.15
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0033

    admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command.... Read more

    Affected Products : phpgedview
    • EPSS Score: %7.07
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1247

    webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.... Read more

    Affected Products : nsure_audit
    • EPSS Score: %0.30
    • Published: Jan. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1764

    Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.08
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1124

    Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.... Read more

    Affected Products : unixware openserver
    • EPSS Score: %0.10
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1000

    lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.... Read more

    Affected Products : lintian
    • EPSS Score: %0.06
    • Published: Jan. 10, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 291737 Results