Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1549

    Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : light_httpd
    • EPSS Score: %7.10
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1550

    dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : aix
    • EPSS Score: %0.06
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1544

    Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.... Read more

    Affected Products : personal_ftp_server
    • EPSS Score: %0.35
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0127

    The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.95
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0109

    Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.... Read more

    • EPSS Score: %88.72
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0085

    Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.... Read more

    Affected Products : samba cifs-9000_server
    • EPSS Score: %86.07
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0086

    The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.... Read more

    Affected Products : samba
    • EPSS Score: %0.32
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1546

    BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.... Read more

    Affected Products : webweaver
    • EPSS Score: %0.43
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1531

    The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %0.78
    • Published: Mar. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1074

    Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.... Read more

    Affected Products : solaris
    • EPSS Score: %0.05
    • Published: Mar. 28, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0028

    Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certa... Read more

    Affected Products : aix solaris hp-ux sunos freebsd glibc openafs kerberos_5 openbsd unicos +3 more products
    • EPSS Score: %56.05
    • Published: Mar. 25, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0129

    Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.... Read more

    Affected Products : linux evolution
    • EPSS Score: %19.35
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2003-0150

    MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifyin... Read more

    Affected Products : mysql
    • EPSS Score: %12.81
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0130

    The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded imag... Read more

    Affected Products : linux evolution
    • EPSS Score: %14.82
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0140

    Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary co... Read more

    Affected Products : mutt linux
    • EPSS Score: %1.90
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0010

    Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large ar... Read more

    • EPSS Score: %18.90
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0151

    BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %4.73
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0138

    Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.... Read more

    Affected Products : kerberos
    • EPSS Score: %5.64
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0139

    Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste ... Read more

    Affected Products : kerberos
    • EPSS Score: %4.95
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0131

    The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 ... Read more

    Affected Products : openssl
    • EPSS Score: %17.25
    • Published: Mar. 24, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291915 Results