Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.0

    MEDIUM
    CVE-2003-0904

    Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication met... Read more

    • EPSS Score: %26.15
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1025

    Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "... Read more

    Affected Products : internet_explorer
    • EPSS Score: %67.17
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0985

    The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a rem... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.66
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1247

    webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.... Read more

    Affected Products : nsure_audit
    • EPSS Score: %0.30
    • Published: Jan. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1764

    Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.08
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1124

    Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.... Read more

    Affected Products : unixware openserver
    • EPSS Score: %0.10
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1000

    lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.... Read more

    Affected Products : lintian
    • EPSS Score: %0.06
    • Published: Jan. 10, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0963

    Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.... Read more

    Affected Products : lftp
    • EPSS Score: %15.43
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1020

    The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).... Read more

    Affected Products : irssi mandrake_linux
    • EPSS Score: %0.54
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0980

    Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, ... Read more

    Affected Products : visitorbook
    • EPSS Score: %0.31
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-1003

    Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.... Read more

    • EPSS Score: %0.59
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0996

    Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface.... Read more

    Affected Products : unicenter_remote_control_host
    • EPSS Score: %0.06
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1000

    xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference.... Read more

    Affected Products : xchat
    • EPSS Score: %1.11
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0997

    Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service).... Read more

    Affected Products : unicenter_remote_control_host
    • EPSS Score: %0.42
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 6.1

    MEDIUM
    CVE-2003-0981

    FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks.... Read more

    Affected Products : visitorbook_le
    • EPSS Score: %0.25
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0998

    Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account.... Read more

    • EPSS Score: %0.06
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1012

    The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.... Read more

    Affected Products : linux ethereal
    • EPSS Score: %3.01
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0977

    CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.... Read more

    Affected Products : slackware_linux cvs
    • EPSS Score: %1.90
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0984

    Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.11
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1013

    The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.... Read more

    Affected Products : enterprise_linux ethereal
    • EPSS Score: %4.46
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 292504 Results