Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-1548

    MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.... Read more

    Affected Products : myabracadaweb
    • EPSS Score: %6.42
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1554

    Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.... Read more

    Affected Products : scozbook
    • EPSS Score: %0.48
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1536

    Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php.... Read more

    Affected Products : dcp-portal
    • EPSS Score: %0.58
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1418

    Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).... Read more

    Affected Products : http_server
    • EPSS Score: %0.30
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1397

    The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.... Read more

    Affected Products : opera_browser
    • EPSS Score: %5.16
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2003-1331

    Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.... Read more

    Affected Products : mysql
    • EPSS Score: %1.18
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2003-1319

    Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file... Read more

    Affected Products : smartftp
    • EPSS Score: %27.15
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2003-1460

    Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information.... Read more

    Affected Products : worker_filemanager
    • EPSS Score: %0.04
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1383

    WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.... Read more

    Affected Products : web_erp
    • EPSS Score: %0.66
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1274

    Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.... Read more

    Affected Products : winamp
    • EPSS Score: %0.66
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1531

    Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.... Read more

    Affected Products : ceilidh
    • EPSS Score: %0.52
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1273

    Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.... Read more

    Affected Products : winamp
    • EPSS Score: %0.23
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1459

    Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php.... Read more

    Affected Products : ttforum ttcms
    • EPSS Score: %2.90
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1435

    SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-1464

    Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.... Read more

    Affected Products : m45 s45
    • EPSS Score: %0.72
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1462

    mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash).... Read more

    Affected Products : mod_survey
    • EPSS Score: %0.73
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1553

    Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-speci... Read more

    Affected Products : sips
    • EPSS Score: %2.96
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1228

    Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a lo... Read more

    Affected Products : mathopd
    • EPSS Score: %12.37
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1341

    The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.... Read more

    Affected Products : officescan virus_buster
    • EPSS Score: %6.13
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1125

    Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt).... Read more

    Affected Products : one_directory_server
    • EPSS Score: %0.56
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 292212 Results