Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0562

    Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.... Read more

    Affected Products : netware
    • EPSS Score: %9.90
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0615

    Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.... Read more

    Affected Products : debian_linux openpkg cgi.pm
    • EPSS Score: %7.25
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0525

    The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demon... Read more

    Affected Products : windows_nt
    • EPSS Score: %4.45
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1063

    The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.43
    • Published: Aug. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1202

    The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.... Read more

    Affected Products : omail_webmail
    • EPSS Score: %4.04
    • Published: Aug. 19, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0519

    Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %7.08
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0589

    admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.... Read more

    Affected Products : digi-news
    • EPSS Score: %2.56
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0581

    X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges ... Read more

    Affected Products : xfstt
    • EPSS Score: %1.82
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0456

    VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.... Read more

    Affected Products : visnetic_website
    • EPSS Score: %0.92
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0559

    mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : phpforum
    • EPSS Score: %0.75
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0558

    Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.... Read more

    Affected Products : leapftp
    • EPSS Score: %75.78
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0252

    Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newline... Read more

    Affected Products : nfs-utils
    • EPSS Score: %16.11
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2003-0536

    Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng paramete... Read more

    Affected Products : phpsysinfo
    • EPSS Score: %0.74
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0515

    SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.... Read more

    Affected Products : teapop
    • EPSS Score: %0.73
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0554

    NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports.... Read more

    Affected Products : direct_connect
    • EPSS Score: %0.66
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0560

    SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.... Read more

    Affected Products : vp-asp
    • EPSS Score: %0.59
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0556

    Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.... Read more

    Affected Products : mgc-100 mgc-25 mgc-50
    • EPSS Score: %0.66
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0458

    Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.... Read more

    Affected Products : nonstop_seeview_server_gateway
    • EPSS Score: %0.09
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0584

    Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.... Read more

    Affected Products : bru
    • EPSS Score: %0.31
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0588

    admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.... Read more

    Affected Products : digi-news
    • EPSS Score: %2.56
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 292512 Results