Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 4.3

    MEDIUM
    CVE-2002-2086

    Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an ... Read more

    Affected Products : squirrelmail
    • EPSS Score: %0.68
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-2078

    Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.... Read more

    Affected Products : ftgateoffice ftgatepro
    • EPSS Score: %2.28
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-2077

    The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session.... Read more

    Affected Products : windows_2000
    • EPSS Score: %20.51
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2002-2039

    /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.... Read more

    Affected Products : rtos
    • EPSS Score: %0.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-2004

    portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets.... Read more

    Affected Products : tru64
    • EPSS Score: %0.66
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-2002

    Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.... Read more

    Affected Products : tru64
    • EPSS Score: %1.50
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1999

    HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests.... Read more

    Affected Products : praesidium_webproxy
    • EPSS Score: %0.46
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1992

    Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header.... Read more

    Affected Products : coldfusion coldfusion_professional
    • EPSS Score: %5.67
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1979

    WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates ... Read more

    Affected Products : legacy_rssa soho vclass
    • EPSS Score: %0.22
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1966

    Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.... Read more

    Affected Products : my_postcards_platinum
    • EPSS Score: %3.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1952

    phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.... Read more

    Affected Products : phprank
    • EPSS Score: %1.40
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1936

    UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a ... Read more

    Affected Products : bas_1000
    • EPSS Score: %1.40
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 4.3

    MEDIUM
    CVE-2002-1929

    Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions.... Read more

    Affected Products : pafiledb
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1891

    Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.... Read more

    Affected Products : ircit
    • EPSS Score: %25.70
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1889

    Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry.... Read more

    Affected Products : logsurfer
    • EPSS Score: %1.96
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 4.3

    MEDIUM
    CVE-2002-1852

    Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.... Read more

    Affected Products : monkey
    • EPSS Score: %3.02
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1880

    LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php.... Read more

    Affected Products : lokwabb
    • EPSS Score: %0.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-1877

    NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname.... Read more

    Affected Products : fm114p
    • EPSS Score: %0.13
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2002-1876

    Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.... Read more

    Affected Products : exchange_server
    • EPSS Score: %0.82
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-1866

    Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist.... Read more

    Affected Products : sws_simple_web_server
    • EPSS Score: %0.72
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291562 Results