Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2004-1752

    Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.... Read more

    Affected Products : gaucho
    • Published: Aug. 24, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1740

    Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling LOAD with a full pathname, then calling SHOWLIST.... Read more

    Affected Products : music_daemon
    • Published: Aug. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1741

    Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST.... Read more

    Affected Products : music_daemon
    • Published: Aug. 23, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1739

    Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users.... Read more

    Affected Products : internet_chat_server
    • Published: Aug. 23, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1735

    Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.... Read more

    Affected Products : sympa
    • Published: Aug. 21, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1733

    Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL.... Read more

    Affected Products : mydms
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1727

    BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.... Read more

    Affected Products : badblue
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-1731

    signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address.... Read more

    Affected Products : mantis
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-1729

    Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.... Read more

    Affected Products : web_log_analyzer
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1728

    Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string.... Read more

    Affected Products : sara
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1732

    SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the folderid parameter.... Read more

    Affected Products : mydms
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-1726

    Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.... Read more

    Affected Products : xv
    • Published: Aug. 20, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0765

    The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote a... Read more

    Affected Products : firefox thunderbird mozilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0502

    Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictab... Read more

    Affected Products : outlook
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0839

    Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to dr... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0421

    The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.... Read more

    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0419

    XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.... Read more

    Affected Products : linux x11r6 xdm
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1042

    SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.... Read more

    Affected Products : bugzilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0501

    Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, wh... Read more

    Affected Products : outlook
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0515

    Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 294850 Results