Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0977

    CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.... Read more

    Affected Products : slackware_linux cvs
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0999

    Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.... Read more

    Affected Products : solaris sunos
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0995

    Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request.... Read more

    Affected Products : windows_2000
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0983

    Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or ... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0982

    Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1012

    The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.... Read more

    Affected Products : linux ethereal
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0980

    Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, ... Read more

    Affected Products : visitorbook
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0979

    FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook da... Read more

    Affected Products : visitorbook
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1017

    Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers w... Read more

    Affected Products : flash_player director
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1001

    Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 6.1

    MEDIUM
    CVE-2003-0981

    FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks.... Read more

    Affected Products : visitorbook_le
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0998

    Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account.... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1013

    The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.... Read more

    Affected Products : enterprise_linux ethereal
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0984

    Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1786

    PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.... Read more

    Affected Products : portalapp
    • Published: Jan. 04, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1785

    SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.... Read more

    Affected Products : invision_board
    • Published: Jan. 03, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1784

    Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : webcam_watchdog
    • Published: Jan. 03, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1500

    PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter.... Read more

    Affected Products : cpcommerce
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1005

    The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2003-1105

    Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.... Read more

    Affected Products : internet_explorer ie
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results