Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1393

    Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.... Read more

    Affected Products : linux kde
    • EPSS Score: %2.44
    • Published: Jan. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0014

    gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : bmv
    • EPSS Score: %0.08
    • Published: Jan. 11, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0626

    Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.... Read more

    • EPSS Score: %0.48
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0629

    The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server.... Read more

    • EPSS Score: %1.32
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0630

    The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets.... Read more

    • EPSS Score: %1.32
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0628

    The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.... Read more

    • EPSS Score: %1.42
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0627

    The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.... Read more

    • EPSS Score: %0.79
    • Published: Jan. 07, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1071

    rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.32
    • Published: Jan. 03, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1389

    Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input.... Read more

    Affected Products : typespeed
    • EPSS Score: %0.08
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1386

    Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.... Read more

    Affected Products : tracesroute
    • EPSS Score: %0.10
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1388

    Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.... Read more

    Affected Products : mhonarc
    • EPSS Score: %0.35
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1387

    The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.... Read more

    Affected Products : tracesroute
    • EPSS Score: %0.07
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1378

    Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3... Read more

    Affected Products : openldap
    • EPSS Score: %9.20
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1384

    Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.... Read more

    Affected Products : xpdf cups
    • EPSS Score: %0.07
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1379

    OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.... Read more

    Affected Products : openldap
    • EPSS Score: %1.23
    • Published: Jan. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1700

    Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filt... Read more

    • EPSS Score: %30.37
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1861

    Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing do... Read more

    Affected Products : easerver
    • EPSS Score: %0.44
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1656

    X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.... Read more

    Affected Products : x-news
    • EPSS Score: %15.43
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1931

    Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.... Read more

    Affected Products : pafiledb
    • EPSS Score: %0.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2073

    Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin... Read more

    • EPSS Score: %3.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291739 Results