Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2004-0175

    Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.... Read more

    Affected Products : openssh
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0134

    cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.... Read more

    Affected Products : irix
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1724

    The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable ... Read more

    Affected Products : php_fusion
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0523

    Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0517

    Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0518

    Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0516

    Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0232

    Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0230

    TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use lo... Read more

    • Published: Aug. 18, 2004
    • Modified: May. 02, 2025

  • 3.6

    LOW
    CVE-2004-0435

    Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to ... Read more

    Affected Products : freebsd
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0630

    The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of th... Read more

    Affected Products : acrobat_reader
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0757

    Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.... Read more

    Affected Products : firefox thunderbird mozilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1718

    The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument.... Read more

    Affected Products : integrity_protection_driver
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1721

    The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000.... Read more

    Affected Products : mail_server
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1722

    SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote attackers to execute arbitrary SQL statements via the schedule parameter.... Read more

    Affected Products : mail_server
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1719

    Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.h... Read more

    Affected Products : mail_server
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1720

    The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an... Read more

    Affected Products : mail_server
    • Published: Aug. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1737

    SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.... Read more

    Affected Products : linux cacti
    • Published: Aug. 16, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-1716

    Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.... Read more

    Affected Products : pforum
    • Published: Aug. 16, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1717

    Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.... Read more

    Affected Products : gv
    • Published: Aug. 16, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293186 Results