Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2002-1425

    Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.... Read more

    Affected Products : mpack
    • EPSS Score: %1.79
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1424

    Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : mpack
    • EPSS Score: %2.17
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0690

    Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.... Read more

    Affected Products : epolicy_orchestrator
    • EPSS Score: %17.82
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1438

    The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.... Read more

    Affected Products : netware netware
    • EPSS Score: %0.86
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1434

    Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.... Read more

    Affected Products : kerio_mailserver
    • EPSS Score: %0.88
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1435

    class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the config_atkroot parameter that points to the code.... Read more

    Affected Products : achievo
    • EPSS Score: %5.77
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1415

    Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests.... Read more

    Affected Products : webeasymail
    • EPSS Score: %1.87
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1427

    The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.... Read more

    • EPSS Score: %3.06
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1410

    Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.... Read more

    • EPSS Score: %11.51
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-1426

    HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.... Read more

    Affected Products : procurve_switch_4000m
    • EPSS Score: %10.93
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1430

    Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.... Read more

    Affected Products : sympoll
    • EPSS Score: %0.52
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1422

    admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.... Read more

    Affected Products : fudforum
    • EPSS Score: %6.34
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1411

    Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter.... Read more

    Affected Products : photo_gallery_system
    • EPSS Score: %0.27
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1443

    The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.... Read more

    Affected Products : toolbar
    • EPSS Score: %0.38
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1442

    The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then us... Read more

    Affected Products : toolbar
    • EPSS Score: %0.68
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1421

    SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.... Read more

    Affected Products : fudforum
    • EPSS Score: %0.73
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1416

    The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks.... Read more

    Affected Products : webeasymail
    • EPSS Score: %0.62
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1409

    ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1406

    Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.06
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1433

    Kerio MailServer 5.0 allows remote attackers to cause a denial of service (hang) via SYN packets to the supported network services.... Read more

    Affected Products : kerio_mailserver
    • EPSS Score: %0.74
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291158 Results