Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0094

    A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of atta... Read more

    Affected Products : util-linux
    • EPSS Score: %0.43
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0100

    Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.... Read more

    Affected Products : ios
    • EPSS Score: %4.07
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0097

    Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).... Read more

    Affected Products : php
    • EPSS Score: %0.63
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1510

    xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.... Read more

    Affected Products : linux x11r6
    • EPSS Score: %0.81
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0070

    VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal,... Read more

    Affected Products : vte gnome-terminal
    • EPSS Score: %0.64
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0065

    The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which c... Read more

    Affected Products : uxterm
    • EPSS Score: %0.67
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0099

    Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.... Read more

    Affected Products : apcupsd
    • EPSS Score: %0.12
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0022

    The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.... Read more

    Affected Products : rxvt
    • EPSS Score: %0.76
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0101

    miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a ses... Read more

    • EPSS Score: %15.50
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0049

    Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.54
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0088

    TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.05
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0095

    Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authen... Read more

    Affected Products : database_server oracle8i oracle9i
    • EPSS Score: %33.07
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1472

    Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.... Read more

    Affected Products : linux x11r6
    • EPSS Score: %0.06
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0064

    The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which c... Read more

    Affected Products : aix solaris hp-ux sunos irix
    • EPSS Score: %0.87
    • Published: Mar. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1078

    The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.60
    • Published: Feb. 28, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0047

    SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal... Read more

    Affected Products : entunnel securecrt securefx
    • EPSS Score: %0.08
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0019

    uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.... Read more

    Affected Products : linux
    • EPSS Score: %0.66
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0059

    Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.... Read more

    Affected Products : kerberos_5
    • EPSS Score: %3.22
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0060

    Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos p... Read more

    Affected Products : kerberos_5
    • EPSS Score: %9.13
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1405

    CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters... Read more

    Affected Products : linux lynx elinks links
    • EPSS Score: %14.08
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291222 Results