Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2004-0431

    Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow.... Read more

    Affected Products : quicktime
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0459

    The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), whi... Read more

    Affected Products : 802.11_wireless_protocol
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0479

    Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference.... Read more

    Affected Products : ie
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0398

    Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0399

    Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.... Read more

    Affected Products : exim
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0427

    The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local use... Read more

    Affected Products : linux_kernel
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0422

    flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.... Read more

    Affected Products : enterprise_linux flim
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0485

    The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0470

    BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not ... Read more

    Affected Products : weblogic_server
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2004-0474

    Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable t... Read more

    Affected Products : windows_xp
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0437

    Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an inva... Read more

    Affected Products : titan_ftp_server
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0401

    Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions.... Read more

    Affected Products : libtasn1
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0469

    Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code du... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0400

    Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.... Read more

    Affected Products : exim
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0478

    Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrat... Read more

    Affected Products : mozilla
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0482

    Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly... Read more

    Affected Products : openbsd openbsd
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0444

    Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow re... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0411

    The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the ass... Read more

    Affected Products : konqueror
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2004-0486

    HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runs... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0434

    k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.... Read more

    Affected Products : debian_linux heimdal
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293302 Results