Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1721

    Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte.... Read more

    Affected Products : altermime
    • EPSS Score: %1.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2002-1816

    Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : atphttpd
    • EPSS Score: %11.48
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2002-1696

    Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not che... Read more

    Affected Products : outlook personal_privacy
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1752

    csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.... Read more

    Affected Products : cschat-r-box
    • EPSS Score: %1.44
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2411

    Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via a long rcmd command.... Read more

    Affected Products : bannerwheel
    • EPSS Score: %5.64
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2002-2401

    NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.... Read more

    Affected Products : windows_2000 windows_xp windows_nt
    • EPSS Score: %0.51
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2397

    Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0.... Read more

    Affected Products : sygate_personal_firewall
    • EPSS Score: %0.55
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-2396

    Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option.... Read more

    Affected Products : advanced_tftp
    • EPSS Score: %0.06
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1997

    ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.... Read more

    Affected Products : zonealarm
    • EPSS Score: %0.91
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2357

    MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow.... Read more

    Affected Products : mailenable
    • EPSS Score: %3.35
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2342

    Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.... Read more

    Affected Products : bannermatic
    • EPSS Score: %0.29
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1929

    Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions.... Read more

    Affected Products : pafiledb
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2336

    Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.... Read more

    Affected Products : norton_personal_firewall
    • EPSS Score: %6.77
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2332

    Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %1.37
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-2331

    W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in ... Read more

    Affected Products : w3mail
    • EPSS Score: %1.56
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1936

    UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a ... Read more

    Affected Products : bas_1000
    • EPSS Score: %1.40
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-2324

    The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricte... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.55
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2319

    Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.... Read more

    Affected Products : mysimplenews
    • EPSS Score: %3.82
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1952

    phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.... Read more

    Affected Products : phprank
    • EPSS Score: %1.40
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1966

    Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.... Read more

    Affected Products : my_postcards_platinum
    • EPSS Score: %3.45
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291641 Results