Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0163

    decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a... Read more

    Affected Products : gaim-encryption
    • EPSS Score: %0.40
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0204

    KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.... Read more

    Affected Products : kde
    • EPSS Score: %1.50
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0133

    GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.... Read more

    Affected Products : linux gtkhtml
    • EPSS Score: %0.76
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0208

    Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.... Read more

    Affected Products : flash
    • EPSS Score: %0.27
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0173

    xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.... Read more

    Affected Products : irix xfsdump
    • EPSS Score: %0.08
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0201

    Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.... Read more

    • EPSS Score: %80.77
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0110

    The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malform... Read more

    Affected Products : isa_server proxy_server
    • EPSS Score: %19.46
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2003-0198

    Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.45
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0207

    ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.... Read more

    Affected Products : gs-common
    • EPSS Score: %0.11
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0196

    Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.... Read more

    • EPSS Score: %6.78
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0211

    Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.... Read more

    Affected Products : xinetd
    • EPSS Score: %9.29
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1070

    Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.90
    • Published: Apr. 28, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1072

    Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.06
    • Published: Apr. 28, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1470

    SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.... Read more

    Affected Products : shoutcast_server
    • EPSS Score: %0.10
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1465

    SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.... Read more

    Affected Products : b2
    • EPSS Score: %0.71
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1468

    Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.... Read more

    Affected Products : aix
    • EPSS Score: %10.66
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1471

    The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-mi... Read more

    Affected Products : evolution
    • EPSS Score: %0.26
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1467

    Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).... Read more

    Affected Products : flash_player shockwave
    • EPSS Score: %0.49
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2002-1484

    DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a... Read more

    Affected Products : db4web
    • EPSS Score: %7.03
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1483

    db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).... Read more

    Affected Products : db4web
    • EPSS Score: %5.11
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291513 Results