Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0802

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).... Read more

    Affected Products : electronic_documentation
    • EPSS Score: %2.27
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0784

    Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.... Read more

    Affected Products : aix
    • EPSS Score: %1.20
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0742

    SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicio... Read more

    Affected Products : openserver
    • EPSS Score: %0.08
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0758

    Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %0.15
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0803

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.... Read more

    Affected Products : electronic_documentation
    • EPSS Score: %2.01
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0759

    Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %0.16
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0694

    The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.... Read more

    Affected Products : aix solaris hp-ux sunos freebsd mac_os_x mac_os_x_server netbsd sendmail linux +8 more products
    • EPSS Score: %76.08
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0801

    Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.... Read more

    Affected Products : electronic_documentation
    • EPSS Score: %0.31
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0680

    Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.... Read more

    Affected Products : irix
    • EPSS Score: %0.49
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0697

    Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges.... Read more

    Affected Products : aix
    • EPSS Score: %0.05
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0826

    lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer ove... Read more

    Affected Products : lsh
    • EPSS Score: %27.29
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0695

    Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vu... Read more

    Affected Products : openssh
    • EPSS Score: %1.17
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0681

    A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.... Read more

    • EPSS Score: %12.88
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0682

    "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.... Read more

    Affected Products : openssh
    • EPSS Score: %0.42
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0805

    Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.... Read more

    Affected Products : gopherd
    • EPSS Score: %5.56
    • Published: Oct. 06, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1053

    Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable.... Read more

    Affected Products : xshisen
    • EPSS Score: %0.24
    • Published: Oct. 03, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0771

    Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.... Read more

    Affected Products : apache_gallery
    • EPSS Score: %0.09
    • Published: Sep. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0770

    FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.... Read more

    Affected Products : ikonboard
    • EPSS Score: %10.91
    • Published: Sep. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0777

    saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).... Read more

    Affected Products : sane sane-backend
    • EPSS Score: %0.83
    • Published: Sep. 22, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0768

    Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.... Read more

    Affected Products : asp.net
    • EPSS Score: %17.17
    • Published: Sep. 22, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291255 Results