Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 5.0

    MEDIUM
    CVE-2003-1054

    mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.... Read more

    Affected Products : mod_access_referer
    • EPSS Score: %7.09
    • Published: Apr. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.8

    HIGH
    CVE-2002-1426

    HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.... Read more

    Affected Products : procurve_switch_4000m
    • EPSS Score: %10.93
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1422

    admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.... Read more

    Affected Products : fudforum
    • EPSS Score: %6.34
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1415

    Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests.... Read more

    Affected Products : webeasymail
    • EPSS Score: %1.87
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1410

    Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.... Read more

    • EPSS Score: %11.51
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1427

    The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.... Read more

    • EPSS Score: %3.06
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1430

    Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.... Read more

    Affected Products : sympoll
    • EPSS Score: %0.52
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1419

    The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.... Read more

    Affected Products : irix
    • EPSS Score: %0.53
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0135

    vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.... Read more

    Affected Products : linux
    • EPSS Score: %0.53
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1407

    TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.... Read more

    Affected Products : tinyssl
    • EPSS Score: %0.48
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1431

    Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attacker... Read more

    • EPSS Score: %0.74
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2002-1440

    The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges.... Read more

    Affected Products : gs-400
    • EPSS Score: %0.76
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1408

    Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.... Read more

    Affected Products : vvos openview_emanate_snmp_agent
    • EPSS Score: %0.92
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1429

    Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter.... Read more

    Affected Products : shoutbox
    • EPSS Score: %5.05
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2002-1439

    Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.... Read more

    Affected Products : virtualvault vvos
    • EPSS Score: %0.10
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1443

    The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.... Read more

    Affected Products : toolbar
    • EPSS Score: %0.38
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1411

    Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter.... Read more

    Affected Products : photo_gallery_system
    • EPSS Score: %0.27
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1417

    Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which... Read more

    Affected Products : netware small_business_suite
    • EPSS Score: %13.55
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1442

    The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then us... Read more

    Affected Products : toolbar
    • EPSS Score: %0.68
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
  • 6.4

    MEDIUM
    CVE-2002-1425

    Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.... Read more

    Affected Products : mpack
    • EPSS Score: %1.79
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291520 Results