Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2003-0462

    A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0641

    WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess.... Read more

    Affected Products : serverlock
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0650

    Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.... Read more

    Affected Products : arcade
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0502

    Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CV... Read more

    Affected Products : darwin_streaming_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0632

    Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.... Read more

    Affected Products : e-business_suite applications
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0676

    Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0187

    The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's supp... Read more

    Affected Products : linux_kernel
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0149

    Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.... Read more

    Affected Products : epolicy_orchestrator
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0230

    Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.... Read more

    Affected Products : sql_server data_engine
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0610

    Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.... Read more

    Affected Products : epolicy_orchestrator
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0425

    Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.... Read more

    Affected Products : darwin_streaming_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0595

    Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.... Read more

    Affected Products : wintango_application_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1063

    The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.... Read more

    Affected Products : solaris sunos
    • Published: Aug. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1202

    The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.... Read more

    Affected Products : omail_webmail
    • Published: Aug. 19, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0519

    Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.... Read more

    Affected Products : internet_explorer
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1410

    Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via... Read more

    Affected Products : internet_explorer
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0496

    Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.... Read more

    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0516

    cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.... Read more

    Affected Products : mgetty
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0177

    SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.... Read more

    Affected Products : irix
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0580

    Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.... Read more

    Affected Products : u2_universe
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293261 Results