Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2004-0474

    Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable t... Read more

    Affected Products : windows_xp
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0399

    Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.... Read more

    Affected Products : exim
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0483

    Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.... Read more

    Affected Products : irix
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0459

    The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), whi... Read more

    Affected Products : 802.11_wireless_protocol
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0444

    Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow re... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0445

    The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2004-0430

    Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0434

    k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.... Read more

    Affected Products : debian_linux heimdal
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0411

    The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the ass... Read more

    Affected Products : konqueror
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0482

    Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly... Read more

    Affected Products : openbsd openbsd
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2004-0489

    Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-0484

    mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after t... Read more

    Affected Products : internet_explorer
    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0424

    Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.... Read more

    • Published: Jul. 07, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1345

    Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.... Read more

    • Published: Jun. 21, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1346

    The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.... Read more

    Affected Products : solaris
    • Published: Jun. 19, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1754

    The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.... Read more

    • Published: Jun. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0038

    McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.... Read more

    Affected Products : epolicy_orchestrator
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0227

    Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string.... Read more

    Affected Products : zoneminder
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0396

    Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.... Read more

    Affected Products : cvs
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1041

    Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does ... Read more

    Affected Products : internet_explorer ie
    • Published: Jun. 14, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293568 Results