Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-2195

    Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.... Read more

    Affected Products : winamp
    • EPSS Score: %20.62
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1778

    Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.... Read more

    Affected Products : norton_personal_firewall
    • EPSS Score: %0.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2143

    The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html.... Read more

    Affected Products : mysimplenews
    • EPSS Score: %5.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-2059

    BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key.... Read more

    • EPSS Score: %0.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-2299

    PHP remote file inclusion vulnerability in thatfile.php in Thatware 0.3 through 0.5.2 allows remote attackers to execute arbitrary PHP code via the root_path parameter.... Read more

    Affected Products : thatware
    • EPSS Score: %0.52
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2173

    Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.... Read more

    Affected Products : trillian
    • EPSS Score: %12.18
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2095

    Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow.... Read more

    Affected Products : hellbent
    • EPSS Score: %0.35
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1854

    Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field.... Read more

    Affected Products : rlaj_whois
    • EPSS Score: %2.32
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-2312

    Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage.... Read more

    Affected Products : opera
    • EPSS Score: %2.32
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-2228

    MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScann... Read more

    Affected Products : mailscanner
    • EPSS Score: %0.18
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2418

    Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page.... Read more

    Affected Products : acfreeproxy
    • EPSS Score: %0.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1927

    Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file.... Read more

    Affected Products : aquonics_file_manager
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2190

    ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.... Read more

    Affected Products : cutecast_forum
    • EPSS Score: %3.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2235

    member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other a... Read more

    Affected Products : vbulletin
    • EPSS Score: %0.55
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1983

    The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick.... Read more

    Affected Products : rtos
    • EPSS Score: %0.25
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1951

    Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories.... Read more

    Affected Products : goahead_webserver
    • EPSS Score: %10.93
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2106

    PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.... Read more

    Affected Products : wikkitikkitavi
    • EPSS Score: %3.12
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2094

    Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error message if the parent is incorrect, but a normal respons... Read more

    Affected Products : hellbent
    • EPSS Score: %0.52
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-2089

    Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.... Read more

    Affected Products : solaris
    • EPSS Score: %0.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-2087

    Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.... Read more

    Affected Products : interbase
    • EPSS Score: %0.91
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291647 Results