Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2003-1025

    Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "... Read more

    Affected Products : internet_explorer
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0014

    Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.... Read more

    Affected Products : nd
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0035

    SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.... Read more

    Affected Products : phorum
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0990

    The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.... Read more

    Affected Products : squirrelmail gpg_plugin
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0969

    mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.... Read more

    Affected Products : mpg321
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1022

    Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.... Read more

    Affected Products : fsp
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0033

    admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command.... Read more

    Affected Products : phpgedview
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2004-0030

    PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a UR... Read more

    Affected Products : phpgedview
    • Published: Jan. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1247

    webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.... Read more

    Affected Products : nsure_audit
    • Published: Jan. 15, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-1764

    Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.... Read more

    Affected Products : hp-ux
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1124

    Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.... Read more

    Affected Products : unixware openserver
    • Published: Jan. 14, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1000

    lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.... Read more

    Affected Products : lintian
    • Published: Jan. 10, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0963

    Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.... Read more

    Affected Products : lftp
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1020

    The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).... Read more

    Affected Products : irssi mandrake_linux
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0995

    Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request.... Read more

    Affected Products : windows_2000
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0983

    Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or ... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0982

    Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0978

    Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitra... Read more

    Affected Products : privacy_guard
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-1003

    Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.... Read more

    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0997

    Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service).... Read more

    Affected Products : unicenter_remote_control_host
    • Published: Jan. 05, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 293629 Results