Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2003-0641

    WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess.... Read more

    Affected Products : serverlock
    • EPSS Score: %0.08
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0647

    Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.... Read more

    Affected Products : ios
    • EPSS Score: %12.36
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0645

    man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.... Read more

    Affected Products : man
    • EPSS Score: %0.16
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0617

    mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : mindi
    • EPSS Score: %0.06
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0616

    Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed nam... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %1.96
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0615

    Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.... Read more

    Affected Products : debian_linux openpkg cgi.pm
    • EPSS Score: %7.25
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0611

    Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable.... Read more

    Affected Products : xtokkaetama
    • EPSS Score: %0.19
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0652

    Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.... Read more

    Affected Products : xtokkaetama
    • EPSS Score: %0.08
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0599

    Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.... Read more

    Affected Products : phpgroupware
    • EPSS Score: %0.46
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2003-0596

    FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.... Read more

    Affected Products : fdclone
    • EPSS Score: %0.11
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0562

    Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.... Read more

    Affected Products : netware
    • EPSS Score: %9.90
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0549

    The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.... Read more

    • EPSS Score: %0.60
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0547

    GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.... Read more

    Affected Products : gdm kdebase
    • EPSS Score: %0.11
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0632

    Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.... Read more

    Affected Products : e-business_suite applications
    • EPSS Score: %2.82
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0187

    The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's supp... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.66
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0525

    The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demon... Read more

    Affected Products : windows_nt
    • EPSS Score: %4.45
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0670

    Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.... Read more

    Affected Products : ipnetmonitorx ipnetsentryx
    • EPSS Score: %0.09
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0512

    Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, a... Read more

    Affected Products : ios
    • EPSS Score: %1.67
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0650

    Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.... Read more

    Affected Products : arcade
    • EPSS Score: %6.03
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0634

    Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.... Read more

    Affected Products : oracle8i oracle9i
    • EPSS Score: %2.65
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291255 Results