Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2003-0972

    Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.... Read more

    Affected Products : screen
    • EPSS Score: %1.21
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0940

    Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.... Read more

    Affected Products : sap_db
    • EPSS Score: %0.90
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0945

    The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.... Read more

    Affected Products : sap_db
    • EPSS Score: %0.90
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0948

    Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.... Read more

    Affected Products : wireless_tools
    • EPSS Score: %0.12
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0089

    Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.28
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0943

    web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface... Read more

    Affected Products : sap_db
    • EPSS Score: %0.90
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0955

    OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2... Read more

    Affected Products : openbsd
    • EPSS Score: %0.44
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0946

    Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address ... Read more

    Affected Products : clamav
    • EPSS Score: %1.96
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0629

    Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript.... Read more

    Affected Products : peopletools
    • EPSS Score: %0.31
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0939

    eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which ... Read more

    Affected Products : sap_db
    • EPSS Score: %4.56
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0975

    Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.... Read more

    Affected Products : mac_os_x mac_os_x_server safari
    • EPSS Score: %0.58
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0942

    Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.... Read more

    Affected Products : sap_db
    • EPSS Score: %3.22
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0962

    Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.... Read more

    • EPSS Score: %41.86
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0812

    Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated usin... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %81.92
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0795

    The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to th... Read more

    Affected Products : quagga linux propack zebra
    • EPSS Score: %8.01
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0941

    web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.... Read more

    Affected Products : sap_db
    • EPSS Score: %1.30
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0976

    NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.... Read more

    Affected Products : netware
    • EPSS Score: %0.26
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0947

    Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.... Read more

    Affected Products : wireless_tools
    • EPSS Score: %0.09
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0951

    Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.36
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0936

    Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.... Read more

    Affected Products : pcanywhere
    • EPSS Score: %0.07
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291589 Results