Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0013

    The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote at... Read more

    Affected Products : bugzilla
    • EPSS Score: %1.11
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2002-1401

    Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an ... Read more

    Affected Products : postgresql
    • EPSS Score: %1.03
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1392

    faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.... Read more

    Affected Products : mgetty
    • EPSS Score: %0.08
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1398

    Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."... Read more

    Affected Products : postgresql
    • EPSS Score: %0.16
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1396

    Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    Affected Products : php
    • EPSS Score: %1.66
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1400

    Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string.... Read more

    Affected Products : postgresql
    • EPSS Score: %1.63
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1397

    Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow... Read more

    Affected Products : postgresql
    • EPSS Score: %0.66
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0031

    Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).... Read more

    Affected Products : libmcrypt
    • EPSS Score: %0.79
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0025

    Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox... Read more

    Affected Products : imp
    • EPSS Score: %1.80
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1391

    Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.... Read more

    Affected Products : mgetty
    • EPSS Score: %3.00
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0001

    Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.... Read more

    • EPSS Score: %3.61
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0014

    gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : bmv
    • EPSS Score: %0.08
    • Published: Jan. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0630

    The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets.... Read more

    • EPSS Score: %1.32
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0627

    The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.... Read more

    • EPSS Score: %0.79
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0629

    The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server.... Read more

    • EPSS Score: %1.32
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0628

    The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.... Read more

    • EPSS Score: %1.42
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0626

    Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.... Read more

    • EPSS Score: %0.48
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1071

    rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.32
    • Published: Jan. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1384

    Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.... Read more

    Affected Products : xpdf cups
    • EPSS Score: %0.07
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1386

    Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.... Read more

    Affected Products : tracesroute
    • EPSS Score: %0.10
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results