Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-1196

    SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.... Read more

    Affected Products : vieboard
    • EPSS Score: %1.24
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1185

    Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php.... Read more

    Affected Products : thwboard
    • EPSS Score: %1.14
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1188

    Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit.... Read more

    Affected Products : unichat
    • EPSS Score: %1.13
    • Published: Nov. 02, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1187

    Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter.... Read more

    Affected Products : phpkit
    • EPSS Score: %0.66
    • Published: Nov. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1159

    Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080.... Read more

    Affected Products : plug_and_play_web_server_proxy
    • EPSS Score: %1.00
    • Published: Oct. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1160

    FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//).... Read more

    Affected Products : flexwatch_network_video_server
    • EPSS Score: %7.42
    • Published: Oct. 30, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1194

    Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message.... Read more

    Affected Products : booby
    • EPSS Score: %1.24
    • Published: Oct. 30, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1143

    Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter.... Read more

    Affected Products : serioussam
    • EPSS Score: %8.10
    • Published: Oct. 30, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1197

    Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread.... Read more

    Affected Products : ledforums
    • EPSS Score: %0.83
    • Published: Oct. 30, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1191

    chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.... Read more

    Affected Products : e107
    • EPSS Score: %5.22
    • Published: Oct. 29, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1186

    Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header.... Read more

    Affected Products : simplewebserver
    • EPSS Score: %5.51
    • Published: Oct. 29, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1189

    Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.... Read more

    Affected Products : ipso
    • EPSS Score: %0.91
    • Published: Oct. 29, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1183

    The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access.... Read more

    Affected Products : oracle_files
    • EPSS Score: %0.27
    • Published: Oct. 28, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1151

    Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.... Read more

    Affected Products : netfile_ftp_web_server
    • EPSS Score: %1.12
    • Published: Oct. 28, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1140

    Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.... Read more

    Affected Products : musicqueue
    • EPSS Score: %1.44
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1138

    The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash ... Read more

    Affected Products : linux interchange
    • EPSS Score: %3.18
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1149

    Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.... Read more

    Affected Products : norton_internet_security
    • EPSS Score: %2.00
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1139

    Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.... Read more

    Affected Products : musicqueue
    • EPSS Score: %2.46
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1150

    Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : netware zenworks_desktops
    • EPSS Score: %2.28
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1060

    The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.74
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291255 Results