Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0109

    Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.... Read more

    • EPSS Score: %88.72
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0085

    Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.... Read more

    Affected Products : samba cifs-9000_server
    • EPSS Score: %86.07
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0145

    Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.... Read more

    Affected Products : tcpdump
    • EPSS Score: %1.27
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1532

    The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface t... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %0.78
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1536

    Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $serve... Read more

    Affected Products : molly
    • EPSS Score: %1.46
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1543

    Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.... Read more

    Affected Products : netbsd
    • EPSS Score: %0.09
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1560

    index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true.... Read more

    Affected Products : gbook
    • EPSS Score: %2.36
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1537

    admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".... Read more

    Affected Products : phpbb
    • EPSS Score: %0.41
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1538

    Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable.... Read more

    Affected Products : acusend
    • EPSS Score: %0.50
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-1533

    Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).... Read more

    Affected Products : jetty
    • EPSS Score: %2.91
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1544

    Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.... Read more

    Affected Products : personal_ftp_server
    • EPSS Score: %0.35
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1542

    SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.... Read more

    Affected Products : tftp_server
    • EPSS Score: %7.35
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1540

    The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.... Read more

    Affected Products : norton_antivirus
    • EPSS Score: %0.06
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1546

    BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.... Read more

    Affected Products : webweaver
    • EPSS Score: %0.43
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1529

    Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %0.88
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1557

    Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.... Read more

    • EPSS Score: %0.49
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0144

    Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) ... Read more

    Affected Products : freebsd openbsd lprold lpr
    • EPSS Score: %0.25
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1559

    Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter.... Read more

    Affected Products : ion_script
    • EPSS Score: %4.31
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1556

    Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).... Read more

    • EPSS Score: %0.49
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1539

    Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments.... Read more

    Affected Products : mdaemon
    • EPSS Score: %4.30
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291193 Results