Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-0073

    PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that co... Read more

    Affected Products : easydynamicpages
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0070

    PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : ezcontents
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0091

    NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. ... Read more

    Affected Products : vbulletin
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0054

    Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 pro... Read more

    Affected Products : ios
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0063

    The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by acceptin... Read more

    Affected Products : payshield_spp_library
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0064

    The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.... Read more

    Affected Products : suse_linux
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0049

    Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port.... Read more

    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0061

    WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.... Read more

    Affected Products : www_file_share_pro
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0001

    Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0903

    Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.... Read more

    Affected Products : data_access_components
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1030

    Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.... Read more

    Affected Products : mini_remote_control_server
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1180

    Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).... Read more

    • Published: Feb. 16, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2082

    The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters.... Read more

    Affected Products : sami_ftp_server
    • Published: Feb. 13, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2088

    Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.... Read more

    Affected Products : sophos_anti-virus
    • Published: Feb. 12, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1214

    Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions.... Read more

    Affected Products : ezcontents
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2004-2083

    Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."... Read more

    Affected Products : opera_browser
    • Published: Feb. 11, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2091

    Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.... Read more

    Affected Products : baseline_security_analyzer
    • Published: Feb. 10, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-2092

    eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.... Read more

    Affected Products : inoculateit
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2079

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.... Read more

    Affected Products : red-alert
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-2080

    Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID.... Read more

    Affected Products : red-alert
    • Published: Feb. 09, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293513 Results