Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2003-0662

    Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.... Read more

    Affected Products : windows_2000
    • EPSS Score: %54.78
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0660

    The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.... Read more

    • EPSS Score: %29.44
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0659

    Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.... Read more

    • EPSS Score: %3.66
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0850

    The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."... Read more

    Affected Products : dsniff libnids
    • EPSS Score: %2.76
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0843

    Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in... Read more

    Affected Products : mod_gzip
    • EPSS Score: %1.73
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0870

    Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.... Read more

    Affected Products : opera_browser
    • EPSS Score: %11.66
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0845

    Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL state... Read more

    Affected Products : jboss
    • EPSS Score: %16.70
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0863

    The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attacke... Read more

    Affected Products : php
    • EPSS Score: %2.75
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1568

    OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demons... Read more

    Affected Products : openssl
    • EPSS Score: %0.88
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0875

    Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.... Read more

    Affected Products : openslp
    • EPSS Score: %0.24
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0830

    Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.... Read more

    Affected Products : marbles
    • EPSS Score: %0.18
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0861

    Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.... Read more

    Affected Products : php
    • EPSS Score: %0.60
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0848

    Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.... Read more

    Affected Products : slocate
    • EPSS Score: %0.29
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0865

    Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.... Read more

    Affected Products : mpg123
    • EPSS Score: %19.50
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0836

    Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %1.04
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0809

    Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %45.45
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1569

    gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.... Read more

    Affected Products : ghostview gv
    • EPSS Score: %2.51
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0711

    Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.... Read more

    • EPSS Score: %47.79
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0545

    Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.... Read more

    Affected Products : openssl
    • EPSS Score: %71.74
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1412

    nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.23
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291741 Results