Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 6.8

    MEDIUM
    CVE-2003-0310

    Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.... Read more

    Affected Products : ez_publish
    • EPSS Score: %0.37
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0286

    SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable.... Read more

    Affected Products : snitz_forums_2000
    • EPSS Score: %1.23
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 2.6

    LOW
    CVE-2003-0282

    Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.... Read more

    • EPSS Score: %12.23
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2003-0285

    IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail rel... Read more

    Affected Products : aix
    • EPSS Score: %1.18
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 6.8

    MEDIUM
    CVE-2003-0278

    Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter.... Read more

    Affected Products : happymall
    • EPSS Score: %0.57
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0298

    The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors o... Read more

    Affected Products : mozilla
    • EPSS Score: %0.95
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2003-0302

    The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.... Read more

    Affected Products : eudora
    • EPSS Score: %0.86
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2003-0374

    Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."... Read more

    Affected Products : nessus
    • EPSS Score: %0.47
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2003-0365

    ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs.... Read more

    Affected Products : icqlite
    • EPSS Score: %0.17
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 6.8

    MEDIUM
    CVE-2003-0295

    Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability.... Read more

    Affected Products : vbulletin
    • EPSS Score: %0.42
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 4.4

    MEDIUM
    CVE-2003-0373

    Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a ... Read more

    Affected Products : nessus
    • EPSS Score: %0.09
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 6.8

    MEDIUM
    CVE-2003-0283

    Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.... Read more

    Affected Products : phorum
    • EPSS Score: %0.72
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2003-0372

    Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr functi... Read more

    Affected Products : nessus
    • EPSS Score: %0.17
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0296

    The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.... Read more

    Affected Products : evolution
    • EPSS Score: %0.95
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0377

    SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variabl... Read more

    Affected Products : iisprotect
    • EPSS Score: %0.90
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2003-0289

    Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.... Read more

    Affected Products : cdrecord
    • EPSS Score: %0.13
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2003-0315

    Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow.... Read more

    Affected Products : snowblind_web_server
    • EPSS Score: %4.86
    • Published: Jun. 16, 2003
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2003-0420

    Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool.... Read more

    Affected Products : mac_os_x_server
    • EPSS Score: %0.08
    • Published: Jun. 13, 2003
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1459

    Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.... Read more

    Affected Products : l-forum
    • EPSS Score: %1.08
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2003-0355

    Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.... Read more

    Affected Products : safari konqueror_embedded
    • EPSS Score: %0.35
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291773 Results