Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0863

    The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attacke... Read more

    Affected Products : php
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1568

    OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demons... Read more

    Affected Products : openssl
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1412

    nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more

    Affected Products : mac_os_x
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0626

    psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.... Read more

    Affected Products : peopletools
    • Published: Nov. 13, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1144

    Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.... Read more

    Affected Products : liteserve
    • Published: Nov. 04, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1141

    Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.... Read more

    Affected Products : niprint_lpd-lpr_print_server
    • Published: Nov. 04, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1193

    Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL c... Read more

    Affected Products : oracle9i application_server_portal
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0901

    Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.... Read more

    Affected Products : postgresql
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0542

    Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 capt... Read more

    Affected Products : http_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1570

    Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variabl... Read more

    Affected Products : ucd-snmp
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1145

    Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.... Read more

    Affected Products : openautoclassifieds
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0871

    Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-0855

    Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.... Read more

    Affected Products : linux pan
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-1182

    Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter.... Read more

    Affected Products : mpm_guestbook
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1190

    Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe.... Read more

    Affected Products : phprecipebook
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0683

    NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.... Read more

    Affected Products : irix
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1185

    Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php.... Read more

    Affected Products : thwboard
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0876

    Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than in... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1196

    SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.... Read more

    Affected Products : vieboard
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1142

    Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.... Read more

    Affected Products : niprint_lpd-lpr_print_server
    • Published: Nov. 03, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293624 Results