Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2004-0521

    SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.... Read more

    Affected Products : enterprise_linux squirrelmail propack
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0419

    XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.... Read more

    Affected Products : linux x11r6 xdm
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0767

    NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions.... Read more

    Affected Products : stackdefender
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0476

    Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to cause a denial of service (reboot or packet loss) via a long string containing Telnet escape characters to the Telnet port.... Read more

    Affected Products : 3cp4144
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0421

    The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0765

    The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote a... Read more

    Affected Products : firefox thunderbird mozilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0518

    Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0517

    Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0516

    Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0234

    Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA arch... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0763

    Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.... Read more

    Affected Products : firefox
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0762

    Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.... Read more

    Affected Products : firefox thunderbird mozilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0631

    Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is... Read more

    Affected Products : acrobat_reader
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0175

    Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.... Read more

    Affected Products : openssh
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0229

    The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.... Read more

    Affected Products : linux_kernel linux
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1044

    editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group t... Read more

    Affected Products : bugzilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0228

    Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0134

    cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.... Read more

    Affected Products : irix
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0226

    Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1045

    votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modif... Read more

    Affected Products : bugzilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 294202 Results