Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1545

    CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response.... Read more

    Affected Products : personal_ftp_server
    • EPSS Score: %0.50
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1548

    Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1541

    BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).... Read more

    Affected Products : badblue
    • EPSS Score: %0.42
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1547

    Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability th... Read more

    Affected Products : netscreen_screenos
    • EPSS Score: %1.72
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0145

    Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.27
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1530

    The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %7.13
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1534

    Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.... Read more

    Affected Products : flash_player
    • EPSS Score: %0.57
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1551

    Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    Affected Products : aix
    • EPSS Score: %0.10
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1552

    Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.... Read more

    Affected Products : edirectory
    • EPSS Score: %0.21
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1537

    admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".... Read more

    Affected Products : phpbb
    • EPSS Score: %0.41
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1543

    Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.09
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-1533

    Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).... Read more

    Affected Products : jetty
    • EPSS Score: %2.91
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1560

    index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true.... Read more

    Affected Products : gbook
    • EPSS Score: %2.36
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1536

    Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $serve... Read more

    Affected Products : molly
    • EPSS Score: %1.46
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1538

    Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable.... Read more

    Affected Products : acusend
    • EPSS Score: %0.50
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1550

    dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1531

    The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %0.78
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1549

    Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : light_httpd
    • EPSS Score: %7.10
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0147

    OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of ... Read more

    Affected Products : openssl openpkg stunnel
    • EPSS Score: %21.35
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0086

    The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.... Read more

    Affected Products : samba
    • EPSS Score: %0.32
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291162 Results