Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-1917

    Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable.... Read more

    Affected Products : lcdproc
    • Published: Apr. 08, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1916

    Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to execute arbitrary code via (1) a long invalid command to parse_all_client_messages function, or (2) long argv command to test_func_func f... Read more

    Affected Products : lcdproc
    • Published: Apr. 08, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1357

    The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.... Read more

    Affected Products : solaris
    • Published: Apr. 07, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1986

    Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.... Read more

    Affected Products : php-nuke coppermine_photo_gallery
    • Published: Apr. 04, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1890

    Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode.... Read more

    Affected Products : irix
    • Published: Apr. 02, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2004-1875

    Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) ... Read more

    Affected Products : cpanel
    • Published: Mar. 30, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1876

    The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.... Read more

    Affected Products : clamav
    • Published: Mar. 30, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-1877

    The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently revea... Read more

    Affected Products : http_server application_server
    • Published: Mar. 30, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1878

    LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash).... Read more

    Affected Products : linbox_officeserver
    • Published: Mar. 30, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1008

    Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0194

    Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.... Read more

    Affected Products : acrobat_reader
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1018

    Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors.... Read more

    Affected Products : aix
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0796

    Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.... Read more

    Affected Products : irix
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1874

    Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information forms.... Read more

    Affected Products : a-cart
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0158

    Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.... Read more

    Affected Products : lbreakout2
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1006

    Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0612

    Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin.... Read more

    Affected Products : crafty
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0444

    Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.... Read more

    Affected Products : gtksee
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0113

    Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.... Read more

    Affected Products : http_server
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0828

    Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.... Read more

    Affected Products : freesweep
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293633 Results