Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2002-2163

    KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php.... Read more

    Affected Products : kvpoll
    • EPSS Score: %0.24
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1944

    Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap.... Read more

    Affected Products : surfboard
    • EPSS Score: %0.66
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1571

    The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1819

    Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote attackers to read or execute arbitrary files via a ".." (dot dot) in the URL.... Read more

    Affected Products : tinyhttpd
    • EPSS Score: %0.56
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1629

    Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.... Read more

    Affected Products : proxyserver
    • EPSS Score: %1.27
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1828

    Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.... Read more

    Affected Products : savant_webserver
    • EPSS Score: %4.19
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2029

    PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.... Read more

    Affected Products : http_server
    • EPSS Score: %36.64
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1689

    Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.... Read more

    Affected Products : aix
    • EPSS Score: %1.42
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2196

    Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.... Read more

    Affected Products : samba
    • EPSS Score: %13.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2272

    Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.... Read more

    Affected Products : http_server tomcat
    • EPSS Score: %20.74
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2009

    Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.... Read more

    Affected Products : tomcat
    • EPSS Score: %2.78
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1636

    Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print.... Read more

    Affected Products : application_server
    • EPSS Score: %0.29
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2153

    Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : application_server
    • EPSS Score: %2.54
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1815

    Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : aquonics_file_manager
    • EPSS Score: %0.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1961

    Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot).... Read more

    Affected Products : surfingate
    • EPSS Score: %0.22
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 9.4

    HIGH
    CVE-2002-2268

    Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.... Read more

    Affected Products : webster_http_server
    • EPSS Score: %74.54
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1973

    Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attacke... Read more

    Affected Products : badblue foundation_class_library
    • EPSS Score: %60.23
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1892

    NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.... Read more

    Affected Products : fvs318
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1851

    Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors.... Read more

    Affected Products : ws_ftp_pro
    • EPSS Score: %16.56
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1770

    Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the ... Read more

    Affected Products : eudora
    • EPSS Score: %1.19
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291601 Results