Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2003-0612

    Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin.... Read more

    Affected Products : crafty
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0601

    Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved.... Read more

    Affected Products : mac_os_x_server
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0607

    Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.... Read more

    Affected Products : xconq
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0194

    Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.... Read more

    Affected Products : acrobat_reader
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0797

    Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.... Read more

    Affected Products : irix
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0444

    Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.... Read more

    Affected Products : gtksee
    • Published: Mar. 29, 2004
    • Modified: Apr. 03, 2025

  • 4.8

    MEDIUM
    CVE-2004-1865

    Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allow... Read more

    Affected Products : bblog
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1866

    nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, which triggers a null dereference.... Read more

    Affected Products : ip_over_dns_utility
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1864

    SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.... Read more

    Affected Products : xmb
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1862

    Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, r... Read more

    Affected Products : xmb
    • Published: Mar. 26, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-1861

    Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords.... Read more

    Affected Products : netsupport_school
    • Published: Mar. 25, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1868

    Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a long STREAMQUOTE tag.... Read more

    Affected Products : esignal
    • Published: Mar. 25, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1854

    Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet.... Read more

    Affected Products : internet_telephone
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1851

    Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing.... Read more

    Affected Products : mini_remote_control_server
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1859

    Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-1857

    Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.... Read more

    Affected Products : web_jetadmin
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1849

    Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.... Read more

    Affected Products : cpanel
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1856

    devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.... Read more

    Affected Products : web_jetadmin
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-2037

    Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an inte... Read more

    Affected Products : lightweight_ftp_server
    • Published: Mar. 24, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1884

    Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.... Read more

    Affected Products : ws_ftp_pro ws_ftp_server ws_ftp_server
    • Published: Mar. 23, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 294125 Results