Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-0479

    Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference.... Read more

    Affected Products : ie
    • EPSS Score: %21.83
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2004-0475

    The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this ... Read more

    Affected Products : ie
    • EPSS Score: %9.90
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0478

    Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrat... Read more

    Affected Products : mozilla
    • EPSS Score: %0.74
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2004-0474

    Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable t... Read more

    Affected Products : windows_xp
    • EPSS Score: %23.37
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0483

    Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.... Read more

    Affected Products : irix
    • EPSS Score: %1.27
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0427

    The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local use... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.16
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0485

    The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.76
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0399

    Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.... Read more

    Affected Products : exim
    • EPSS Score: %42.08
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0401

    Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions.... Read more

    Affected Products : libtasn1
    • EPSS Score: %0.86
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0445

    The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to... Read more

    • EPSS Score: %35.05
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0444

    Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow re... Read more

    • EPSS Score: %58.00
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0470

    BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not ... Read more

    Affected Products : weblogic_server
    • EPSS Score: %2.33
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1345

    Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.... Read more

    • EPSS Score: %0.06
    • Published: Jun. 21, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1346

    The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.... Read more

    Affected Products : solaris
    • EPSS Score: %0.09
    • Published: Jun. 19, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1754

    The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.... Read more

    • EPSS Score: %5.10
    • Published: Jun. 15, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0392

    racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" f... Read more

    Affected Products : racoon
    • EPSS Score: %0.93
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0038

    McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %1.78
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0396

    Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.... Read more

    Affected Products : cvs
    • EPSS Score: %86.79
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1041

    Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does ... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %70.95
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0050

    Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.... Read more

    Affected Products : ultraseek
    • EPSS Score: %0.36
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 292247 Results