Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0812

    Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated usin... Read more

    Affected Products : windows_2000 windows_xp
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0858

    Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0950

    PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly reque... Read more

    Affected Products : peopletools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.9

    MEDIUM
    CVE-2003-0859

    The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.9

    MEDIUM
    CVE-2003-0856

    iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.... Read more

    Affected Products : linux iproute
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0914

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0967

    rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password a... Read more

    Affected Products : freeradius
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0822

    Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0327

    Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.... Read more

    Affected Products : adaptive_server_enterprise
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0948

    Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.... Read more

    Affected Products : wireless_tools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0944

    Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0939

    eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which ... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0973

    Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.... Read more

    Affected Products : mod_python
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0945

    The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0821

    Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.... Read more

    Affected Products : word excel works
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0974

    Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using ... Read more

    Affected Products : applied_watch_command_center
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0960

    OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.... Read more

    Affected Products : openca
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0947

    Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.... Read more

    Affected Products : wireless_tools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0938

    vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0970

    The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.... Read more

    Affected Products : sun_fire
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 292835 Results