Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2004-0393

    Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.... Read more

    Affected Products : rlpr
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0628

    Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.... Read more

    Affected Products : mysql
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0622

    Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive inform... Read more

    Affected Products : mac_os_x
    • Published: Dec. 06, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1083

    Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".h... Read more

    • Published: Dec. 03, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1208

    Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ... Read more

    Affected Products : oracle9i
    • Published: Dec. 03, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1084

    Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1086

    Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1089

    Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1087

    Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1085

    Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1088

    Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1081

    The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.... Read more

    • Published: Dec. 02, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1352

    Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 01, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1771

    Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users.... Read more

    Affected Products : scalable_ogo
    • Published: Nov. 30, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0308

    Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet c... Read more

    • Published: Nov. 24, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0253

    IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability.... Read more

    Affected Products : cloudscape
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0254

    Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.... Read more

    Affected Products : discuz
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0248

    Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subje... Read more

    Affected Products : phpx
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0290

    Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields.... Read more

    Affected Products : purge purge_jihad
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0301

    Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.... Read more

    Affected Products : store_kit
    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293612 Results