Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-1298

    Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (do... Read more

    Affected Products : anyportal_php
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1520

    SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter.... Read more

    Affected Products : myclassifieds
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1355

    Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.... Read more

    Affected Products : battlefield_1942
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 6.3

    MEDIUM
    CVE-2003-1524

    PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition.... Read more

    Affected Products : pgpdisk
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1527

    BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.... Read more

    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1076

    Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1534

    Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables.... Read more

    Affected Products : guestbook
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 1.7

    LOW
    CVE-2003-0986

    Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to caus... Read more

    Affected Products : linux_kernel enterprise_linux
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1531

    Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.... Read more

    Affected Products : ceilidh
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1300

    Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation.... Read more

    Affected Products : baby_ftp_server
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-1502

    mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.... Read more

    Affected Products : mod_throttle
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1291

    VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.... Read more

    Affected Products : esx
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1541

    PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt.... Read more

    Affected Products : guestbook
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1506

    Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.... Read more

    Affected Products : dansguardian
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1554

    Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.... Read more

    Affected Products : scozbook
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1293

    Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook.... Read more

    Affected Products : guestbookhost
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1556

    Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters.... Read more

    Affected Products : cc_guestbook
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2003-1398

    Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).... Read more

    Affected Products : ios
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1359

    Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.... Read more

    Affected Products : hp-ux predictive_dialer_system
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1280

    Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. (dot dot) in multipart/form-data uploads.... Read more

    Affected Products : cgihtml
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293425 Results