Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1556

    Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).... Read more

    • EPSS Score: %0.49
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1558

    Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.... Read more

    • EPSS Score: %0.92
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1559

    Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter.... Read more

    Affected Products : ion_script
    • EPSS Score: %4.31
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1551

    Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    Affected Products : aix
    • EPSS Score: %0.10
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1545

    CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response.... Read more

    Affected Products : personal_ftp_server
    • EPSS Score: %0.50
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1530

    The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %7.13
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1547

    Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability th... Read more

    Affected Products : netscreen_screenos
    • EPSS Score: %1.72
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0080

    The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled.... Read more

    Affected Products : linux gnome-lokkit
    • EPSS Score: %0.44
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1548

    Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1541

    BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).... Read more

    Affected Products : badblue
    • EPSS Score: %0.42
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1534

    Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.... Read more

    Affected Products : flash_player
    • EPSS Score: %0.57
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0147

    OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of ... Read more

    Affected Products : openssl openpkg stunnel
    • EPSS Score: %21.35
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0086

    The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.... Read more

    Affected Products : samba
    • EPSS Score: %0.32
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1074

    Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.... Read more

    Affected Products : solaris
    • EPSS Score: %0.05
    • Published: Mar. 28, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0028

    Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certa... Read more

    Affected Products : aix solaris hp-ux sunos freebsd glibc openafs kerberos_5 openbsd unicos +3 more products
    • EPSS Score: %56.05
    • Published: Mar. 25, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0151

    BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %4.73
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0138

    Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.... Read more

    Affected Products : kerberos
    • EPSS Score: %5.64
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0129

    Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.... Read more

    Affected Products : linux evolution
    • EPSS Score: %19.35
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0011

    Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming... Read more

    Affected Products : isa_server
    • EPSS Score: %18.32
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0128

    The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggerin... Read more

    Affected Products : linux evolution
    • EPSS Score: %25.27
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291219 Results