Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-2333

    Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.... Read more

    Affected Products : kde
    • EPSS Score: %1.37
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2335

    Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php.... Read more

    Affected Products : killer_protection
    • EPSS Score: %4.79
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2344

    Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address.... Read more

    Affected Products : webppliance
    • EPSS Score: %0.26
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1917

    CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.... Read more

    Affected Products : geeklog
    • EPSS Score: %0.39
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-2352

    The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs.... Read more

    Affected Products : neobook
    • EPSS Score: %0.39
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2375

    Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear ... Read more

    Affected Products : communigate_pro
    • EPSS Score: %0.07
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2002-2384

    hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.... Read more

    Affected Products : hotfoon
    • EPSS Score: %0.14
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2390

    Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.... Read more

    Affected Products : trillian trillian_pro
    • EPSS Score: %11.22
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2403

    Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.... Read more

    Affected Products : kf_web_server
    • EPSS Score: %5.99
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2404

    Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).... Read more

    Affected Products : iispop
    • EPSS Score: %2.88
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2416

    Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.... Read more

    Affected Products : http_server
    • EPSS Score: %4.79
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2417

    acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.... Read more

    Affected Products : acftp
    • EPSS Score: %4.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2348

    Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.... Read more

    Affected Products : authoria
    • EPSS Score: %0.50
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1811

    Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests.... Read more

    Affected Products : f5d6130_wnap
    • EPSS Score: %4.72
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2144

    Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.... Read more

    Affected Products : bearshare
    • EPSS Score: %0.21
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1744

    Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot do... Read more

    Affected Products : internet_information_services iis
    • EPSS Score: %66.21
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1737

    Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : security_linux
    • EPSS Score: %0.08
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1734

    NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their authentication cookie to "logged,true".... Read more

    Affected Products : newspro
    • EPSS Score: %1.57
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-2042

    ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes.... Read more

    Affected Products : rtos
    • EPSS Score: %0.42
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1945

    Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service (crash) via a long request to (1) TCP port 25 (SMTP) or (2) TCP port 110 (POP3).... Read more

    Affected Products : smartmail_server
    • EPSS Score: %7.59
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291737 Results