Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2002-2318

    Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.... Read more

    Affected Products : falcon_web_server
    • EPSS Score: %0.50
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1726

    secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.... Read more

    Affected Products : photodb
    • EPSS Score: %0.64
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2350

    Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.... Read more

    Affected Products : zorum
    • EPSS Score: %0.22
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2369

    Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL.... Read more

    Affected Products : liteserve
    • EPSS Score: %0.46
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1695

    Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running.... Read more

    • EPSS Score: %2.04
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1676

    BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext un... Read more

    Affected Products : netrc netinventory
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1679

    Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message.... Read more

    Affected Products : vbulletin
    • EPSS Score: %0.39
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1669

    pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, which may allow local users to modify world-writable parts of the package during installation.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.05
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1648

    Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.... Read more

    Affected Products : squirrelmail
    • EPSS Score: %1.27
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1658

    Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would le... Read more

    Affected Products : http_server
    • EPSS Score: %0.18
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2002-2355

    Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obta... Read more

    Affected Products : fm114p
    • EPSS Score: %0.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1660

    calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter.... Read more

    Affected Products : vbulletin
    • EPSS Score: %11.74
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1622

    Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."... Read more

    Affected Products : aix
    • EPSS Score: %1.75
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2111

    Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet.... Read more

    Affected Products : fwmon
    • EPSS Score: %0.74
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2114

    Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call.... Read more

    Affected Products : netjuke
    • EPSS Score: %1.73
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2133

    Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.... Read more

    Affected Products : 1120_adsl_router
    • EPSS Score: %0.76
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2034

    The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments.... Read more

    Affected Products : procmail_email_sanitizer
    • EPSS Score: %0.72
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2058

    TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.... Read more

    Affected Products : tracking_online
    • EPSS Score: %0.25
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2063

    AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames.... Read more

    Affected Products : atguard_personal_firewall
    • EPSS Score: %0.23
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2278

    Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq varia... Read more

    Affected Products : portail_web_php
    • EPSS Score: %0.22
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292212 Results