Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0989

    tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.... Read more

    Affected Products : linux tcpdump
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0819

    Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test s... Read more

    Affected Products : proxy_server
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0700

    The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-... Read more

    Affected Products : kernel
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0988

    Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.... Read more

    Affected Products : linux kde
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0966

    Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.... Read more

    Affected Products : elm
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1032

    Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of service (crash) via a malformed URL to the web server, possibly in... Read more

    Affected Products : pi3web
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0992

    Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.... Read more

    Affected Products : mailman
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1029

    The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when c... Read more

    Affected Products : tcpdump
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0965

    Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.... Read more

    Affected Products : mailman
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0074

    Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949.... Read more

    Affected Products : xsok
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2003-0924

    netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : netpbm
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0004

    The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trus... Read more

    Affected Products : openca
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0062

    Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity.... Read more

    Affected Products : fishcart
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0067

    Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7... Read more

    Affected Products : phpgedview
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0060

    WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via a large POST request.... Read more

    Affected Products : www_file_share_pro
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0064

    The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.... Read more

    Affected Products : suse_linux
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0066

    phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) g... Read more

    Affected Products : phpgedview
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0071

    Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter ($cmd variable) to index.php.... Read more

    Affected Products : php
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0073

    PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that co... Read more

    Affected Products : easydynamicpages
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0070

    PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : ezcontents
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293179 Results