Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0748

    Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filenam... Read more

    Affected Products : internet_transaction_server
    • EPSS Score: %6.86
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0740

    Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.... Read more

    Affected Products : stunnel
    • EPSS Score: %0.12
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0689

    The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.... Read more

    Affected Products : enterprise_linux
    • EPSS Score: %0.89
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0661

    The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.... Read more

    • EPSS Score: %23.80
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0730

    Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.... Read more

    Affected Products : netbsd x11r6
    • EPSS Score: %5.66
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0688

    The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Se... Read more

    Affected Products : freebsd openbsd sendmail irix tru64 sendmail
    • EPSS Score: %1.71
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0750

    secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.... Read more

    Affected Products : py-membres
    • EPSS Score: %0.34
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0755

    Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.... Read more

    Affected Products : gtkftp
    • EPSS Score: %4.46
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0752

    SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.... Read more

    Affected Products : attilaphp
    • EPSS Score: %0.68
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0747

    wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~lang... Read more

    Affected Products : internet_transaction_server
    • EPSS Score: %6.86
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0745

    SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.... Read more

    Affected Products : snmpc
    • EPSS Score: %0.87
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0739

    VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack.... Read more

    Affected Products : workstation
    • EPSS Score: %0.07
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0665

    Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.... Read more

    Affected Products : access
    • EPSS Score: %35.65
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0729

    Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename.... Read more

    Affected Products : tftpdnt
    • EPSS Score: %5.39
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0753

    nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.... Read more

    Affected Products : newsphp
    • EPSS Score: %0.59
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0727

    Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.... Read more

    Affected Products : database_server
    • EPSS Score: %85.76
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0735

    SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter.... Read more

    Affected Products : phpwebsite
    • EPSS Score: %1.05
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1062

    Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Oct. 15, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1061

    Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Oct. 14, 2003
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2003-0791

    The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.... Read more

    Affected Products : mozilla openserver
    • EPSS Score: %1.15
    • Published: Oct. 07, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291641 Results