Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2003-0898

    IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.... Read more

    Affected Products : db2_universal_database
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0850

    The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."... Read more

    Affected Products : dsniff libnids
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0792

    Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.... Read more

    Affected Products : fetchmail
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0853

    An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.... Read more

    Affected Products : wu-ftpd fileutils
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0854

    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.... Read more

    Affected Products : wu-ftpd fileutils
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0861

    Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.... Read more

    Affected Products : php
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0835

    Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.... Read more

    Affected Products : mplayer
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0866

    The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.... Read more

    Affected Products : tomcat
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0860

    Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.... Read more

    Affected Products : php
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0544

    OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when th... Read more

    Affected Products : openssl
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0711

    Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.... Read more

    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1412

    nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2003-0844

    mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an... Read more

    Affected Products : mod_gzip
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0839

    Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link.... Read more

    Affected Products : windows_2003_server
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0543

    Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.... Read more

    Affected Products : openssl
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0660

    The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.... Read more

    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0847

    SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.... Read more

    Affected Products : suse_linux
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0712

    Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.... Read more

    Affected Products : exchange_server
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0840

    Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.... Read more

    Affected Products : hp-ux
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0894

    Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.... Read more

    Affected Products : database_server oracle9i
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293609 Results