Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.9

    MEDIUM
    CVE-2002-2405

    Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.... Read more

    Affected Products : firewall-1
    • EPSS Score: %0.27
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-2018

    sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.... Read more

    Affected Products : base integration_technologies
    • EPSS Score: %0.05
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2028

    The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.... Read more

    Affected Products : windows_2000 windows_xp windows_nt
    • EPSS Score: %0.81
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2121

    SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow.... Read more

    Affected Products : superscout_email_filter
    • EPSS Score: %0.81
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2254

    The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to ... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 9.4

    HIGH
    CVE-2002-2269

    Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : webster_http_server
    • EPSS Score: %0.09
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 9.4

    HIGH
    CVE-2002-2268

    Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.... Read more

    Affected Products : webster_http_server
    • EPSS Score: %74.54
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.9

    MEDIUM
    CVE-2002-2282

    McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.... Read more

    Affected Products : virusscan
    • EPSS Score: %0.05
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2286

    The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference.... Read more

    Affected Products : apt-www-proxy
    • EPSS Score: %0.54
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2289

    soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.... Read more

    Affected Products : badblue
    • EPSS Score: %0.48
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1988

    Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.... Read more

    Affected Products : resin
    • EPSS Score: %0.74
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2294

    Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service terminat... Read more

    • EPSS Score: %1.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1662

    Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.... Read more

    Affected Products : mambo_site_server
    • EPSS Score: %0.86
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2306

    Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU consumption) by sending several large messages.... Read more

    Affected Products : kazaa_media_desktop
    • EPSS Score: %3.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1797

    ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.... Read more

    Affected Products : chaivm
    • EPSS Score: %0.25
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2310

    ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.... Read more

    Affected Products : clickcartpro
    • EPSS Score: %0.42
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1818

    ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read arbitrary files via a full pathname in the AnalyseSite parameter.... Read more

    Affected Products : httpbench
    • EPSS Score: %3.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1829

    Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or ... Read more

    Affected Products : openbb
    • EPSS Score: %0.52
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2179

    The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap.... Read more

    Affected Products : clearpath_mcp
    • EPSS Score: %1.03
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2002-2328

    Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.... Read more

    Affected Products : windows_2000
    • EPSS Score: %37.66
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291739 Results