Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2003-1081

    Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.... Read more

    Affected Products : solaris sunos
    • Published: Sep. 09, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0644

    Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands.... Read more

    Affected Products : enterprise_linux kdbg
    • Published: Sep. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0460

    The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.... Read more

    Affected Products : http_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0459

    KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0511

    The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.... Read more

    Affected Products : ios
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0148

    The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the e... Read more

    Affected Products : epolicy_orchestrator
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0468

    Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Post... Read more

    Affected Products : linux postfix
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0149

    Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.... Read more

    Affected Products : epolicy_orchestrator
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0187

    The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's supp... Read more

    Affected Products : linux_kernel
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1566

    netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284.... Read more

    Affected Products : netris
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0699

    The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0620

    Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3... Read more

    Affected Products : man
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0346

    Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads ... Read more

    Affected Products : directx
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0232

    Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.... Read more

    Affected Products : sql_server data_engine
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0604

    Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF fil... Read more

    Affected Products : windows_media_player
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0635

    Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.... Read more

    Affected Products : ichain
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0653

    The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or c... Read more

    Affected Products : netbsd
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0637

    Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.... Read more

    Affected Products : ichain
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0654

    Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.... Read more

    Affected Products : autorespond
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0613

    Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.... Read more

    Affected Products : zblast
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293246 Results