Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0841

    The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request.... Read more

    Affected Products : peopletools
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2003-0831

    ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.... Read more

    Affected Products : proftpd
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1411

    Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0838

    Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as... Read more

    Affected Products : internet_explorer ie
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0848

    Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.... Read more

    Affected Products : slocate
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0865

    Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.... Read more

    Affected Products : mpg123
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0863

    The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attacke... Read more

    Affected Products : php
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1568

    OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demons... Read more

    Affected Products : openssl
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0626

    psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.... Read more

    Affected Products : peopletools
    • Published: Nov. 13, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1141

    Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.... Read more

    Affected Products : niprint_lpd-lpr_print_server
    • Published: Nov. 04, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1144

    Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.... Read more

    Affected Products : liteserve
    • Published: Nov. 04, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-0855

    Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.... Read more

    Affected Products : linux pan
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1192

    Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.... Read more

    Affected Products : ia_webmail_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1145

    Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.... Read more

    Affected Products : openautoclassifieds
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0871

    Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0542

    Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 capt... Read more

    Affected Products : http_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0683

    NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.... Read more

    Affected Products : irix
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0882

    Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1190

    Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe.... Read more

    Affected Products : phprecipebook
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0880

    Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293289 Results