Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2004-1997

    Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.... Read more

    Affected Products : kolab_groupware_server openpkg
    • Published: May. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2000

    SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php.... Read more

    Affected Products : php-nuke
    • Published: May. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1999

    Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.... Read more

    Affected Products : php-nuke
    • Published: May. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1996

    Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag.... Read more

    Affected Products : smf
    • Published: May. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2001

    ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.... Read more

    Affected Products : irix
    • Published: May. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0149

    Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges.... Read more

    Affected Products : xboing
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0184

    Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, wh... Read more

    Affected Products : tcpdump
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0781

    Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.... Read more

    Affected Products : ecartis
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2004-0374

    Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.... Read more

    Affected Products : interchange
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0380

    The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file... Read more

    Affected Products : outlook_express
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0386

    Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.... Read more

    Affected Products : mplayer linux mandrake_linux
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0377

    Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.... Read more

    Affected Products : perl activeperl
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0379

    Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts.... Read more

    Affected Products : sharepoint_portal_server
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0782

    Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : ecartis
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0366

    SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements.... Read more

    Affected Products : pam-pgsql
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0367

    Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.... Read more

    Affected Products : ethereal
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0371

    Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.... Read more

    Affected Products : heimdal
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0370

    The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic.... Read more

    Affected Products : freebsd
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0368

    Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.... Read more

    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0382

    Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 04, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293437 Results