Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0285

    IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail rel... Read more

    Affected Products : aix
    • EPSS Score: %1.18
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0217

    Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI script.... Read more

    Affected Products : instant_virtual_extranet
    • EPSS Score: %0.32
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1155

    Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.... Read more

    Affected Products : linux
    • EPSS Score: %0.13
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0420

    Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool.... Read more

    Affected Products : mac_os_x_server
    • EPSS Score: %0.08
    • Published: Jun. 13, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0355

    Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.... Read more

    Affected Products : safari konqueror_embedded
    • EPSS Score: %0.35
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0241

    FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is render... Read more

    Affected Products : goldmine
    • EPSS Score: %2.72
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1457

    SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter.... Read more

    Affected Products : l-forum
    • EPSS Score: %1.58
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1459

    Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.... Read more

    Affected Products : l-forum
    • EPSS Score: %1.08
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1461

    Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box.... Read more

    Affected Products : web_shop_manager
    • EPSS Score: %2.14
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0306

    Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.... Read more

    Affected Products : windows_xp
    • EPSS Score: %2.48
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0194

    tcpdump does not properly drop privileges to the pcap user when starting up.... Read more

    Affected Products : linux tcpdump
    • EPSS Score: %0.07
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0329

    CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.... Read more

    Affected Products : cesarftp
    • EPSS Score: %0.14
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0303

    SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.... Read more

    Affected Products : oneorzero_helpdesk
    • EPSS Score: %0.33
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0320

    header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script.... Read more

    Affected Products : ttcms
    • EPSS Score: %3.22
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0226

    Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled.... Read more

    Affected Products : internet_information_services iis
    • EPSS Score: %40.64
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0188

    lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.... Read more

    Affected Products : linux lv lv
    • EPSS Score: %0.04
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0357

    Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.... Read more

    Affected Products : ethereal
    • EPSS Score: %14.38
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0245

    Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated usi... Read more

    Affected Products : http_server
    • EPSS Score: %78.92
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1564

    Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %15.86
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0240

    The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).... Read more

    • EPSS Score: %22.36
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291659 Results