Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2003-1279

    S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and... Read more

    Affected Products : s-plus
    • EPSS Score: %0.16
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2003-1107

    The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.... Read more

    Affected Products : windows_media_player
    • EPSS Score: %8.43
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1126

    Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service.... Read more

    Affected Products : one_web_server
    • EPSS Score: %1.50
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1128

    XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086.... Read more

    Affected Products : xmms_remote
    • EPSS Score: %3.36
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1212

    MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page.... Read more

    Affected Products : maxwebportal
    • EPSS Score: %1.29
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1247

    Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.... Read more

    Affected Products : h-sphere
    • EPSS Score: %52.93
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1269

    AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.... Read more

    Affected Products : an-http
    • EPSS Score: %0.35
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1375

    Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.20
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1287

    Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.... Read more

    Affected Products : sambar_server
    • EPSS Score: %0.14
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1005

    The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.76
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1373

    Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang paramete... Read more

    Affected Products : phpbb
    • EPSS Score: %0.14
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1291

    VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.... Read more

    Affected Products : esx
    • EPSS Score: %0.04
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1359

    Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.... Read more

    Affected Products : hp-ux predictive_dialer_system
    • EPSS Score: %0.14
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1300

    Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation.... Read more

    Affected Products : baby_ftp_server
    • EPSS Score: %0.89
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2003-1306

    Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header ... Read more

    Affected Products : urlscan
    • EPSS Score: %0.38
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1316

    mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely ... Read more

    Affected Products : endonesia
    • EPSS Score: %0.50
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2003-1320

    SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a... Read more

    Affected Products : firmware
    • EPSS Score: %1.11
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1169

    DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.... Read more

    Affected Products : nutzungskontrolle
    • EPSS Score: %0.30
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1339

    Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and ... Read more

    Affected Products : ezmeeting
    • EPSS Score: %25.25
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1357

    ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access.... Read more

    Affected Products : windows_nt proxyview
    • EPSS Score: %0.84
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291647 Results