Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2004-0271

    Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the SendTo parameter in Personal Messages, (3) the HTTP_REFERER... Read more

    Affected Products : maxwebportal
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0245

    Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero.... Read more

    Affected Products : web_crossing
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-0312

    Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.... Read more

    Affected Products : wap55ag
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0251

    Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrary script as other users via the query parameter.... Read more

    Affected Products : rxgoogle.cgi
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-0344

    Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.... Read more

    Affected Products : yabb
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0339

    Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter.... Read more

    Affected Products : phpbb
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0335

    LAN SUITE Web Mail 602Pro, when configured to use the "Directory browsing" feature, allows remote attackers to obtain a directory listing via an HTTP request to (1) index.html, (2) cgi-bin/, or (3) users/.... Read more

    Affected Products : 602pro_lan_suite
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0359

    Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.... Read more

    Affected Products : invision_board
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0343

    Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.... Read more

    Affected Products : yabb
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0355

    Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.... Read more

    Affected Products : invision_board
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0330

    Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.... Read more

    Affected Products : serv-u_file_server
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0356

    Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.... Read more

    Affected Products : slmail_pro
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0316

    Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080.... Read more

    Affected Products : avirt_soho
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0350

    SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring.... Read more

    Affected Products : spidersales
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0338

    SQL injection vulnerability in search.php for Invision Board Forum allows remote attackers to execute arbitrary SQL queries via the st parameter.... Read more

    Affected Products : invision_board
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0326

    Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request.... Read more

    Affected Products : professional_gatekeeper
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0315

    Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080.... Read more

    Affected Products : voice
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0320

    Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.... Read more

    Affected Products : nshield
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0296

    TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection.... Read more

    Affected Products : broker_ftp_server
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0357

    Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.... Read more

    Affected Products : slmail_pro
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293545 Results