Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1809

    The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.... Read more

    Affected Products : mysql
    • EPSS Score: %8.98
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2272

    Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.... Read more

    Affected Products : http_server tomcat
    • EPSS Score: %20.74
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1905

    Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.... Read more

    Affected Products : viavideo
    • EPSS Score: %4.35
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2006

    The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.... Read more

    Affected Products : tomcat
    • EPSS Score: %32.36
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1956

    ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files.... Read more

    Affected Products : filer
    • EPSS Score: %0.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1686

    Buffer overflow in lscfg of unknown versions of AIX has unknown impact.... Read more

    Affected Products : aix
    • EPSS Score: %0.50
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2035

    SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form.... Read more

    Affected Products : mylogin_2000
    • EPSS Score: %1.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2402

    SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default SNMP read/write community string of "secret," which allows remote attackers to read and modify router configuration information.... Read more

    Affected Products : ep-4501
    • EPSS Score: %0.70
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2376

    Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue migh... Read more

    Affected Products : e-guest
    • EPSS Score: %0.51
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2372

    The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow.... Read more

    Affected Products : infoprint_21 infoprint
    • EPSS Score: %1.65
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2322

    Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.... Read more

    Affected Products : ultimate_php_board
    • EPSS Score: %0.48
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2231

    Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL in a photo URL or (2) an X-Forwarded-For: header.... Read more

    Affected Products : ikonboard
    • EPSS Score: %0.33
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1778

    Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.... Read more

    Affected Products : norton_personal_firewall
    • EPSS Score: %0.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1854

    Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field.... Read more

    Affected Products : rlaj_whois
    • EPSS Score: %2.32
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2206

    The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.... Read more

    Affected Products : norton_antivirus
    • EPSS Score: %1.04
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2127

    Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink.... Read more

    Affected Products : integrity_protection_driver
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2100

    Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.... Read more

    Affected Products : outlook
    • EPSS Score: %8.15
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2098

    Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remote attackers to execute arbitrary code via large packets.... Read more

    Affected Products : axspawn
    • EPSS Score: %3.31
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2075

    ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number.... Read more

    Affected Products : icq
    • EPSS Score: %1.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-2040

    The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH enviro... Read more

    Affected Products : rtos
    • EPSS Score: %0.31
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291578 Results