Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-1150

    Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : netware zenworks_desktops
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1138

    The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash ... Read more

    Affected Products : linux interchange
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1139

    Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.... Read more

    Affected Products : musicqueue
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1149

    Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.... Read more

    Affected Products : norton_internet_security
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1060

    The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.... Read more

    Affected Products : solaris sunos
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1140

    Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.... Read more

    Affected Products : musicqueue
    • Published: Oct. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1181

    Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.... Read more

    Affected Products : advanced_poll
    • Published: Oct. 25, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1148

    Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_... Read more

    Affected Products : les_visiteurs
    • Published: Oct. 25, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1136

    Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL.... Read more

    Affected Products : chi_kien_uong_guestbook
    • Published: Oct. 23, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0755

    Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.... Read more

    Affected Products : gtkftp
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0745

    SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.... Read more

    Affected Products : snmpc
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0733

    Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) ... Read more

    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0665

    Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.... Read more

    Affected Products : access
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0739

    VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack.... Read more

    Affected Products : workstation
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0756

    Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter.... Read more

    Affected Products : sitebuilder
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0752

    SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.... Read more

    Affected Products : attilaphp
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0749

    Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.... Read more

    Affected Products : internet_transaction_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0747

    wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~lang... Read more

    Affected Products : internet_transaction_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0753

    nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.... Read more

    Affected Products : newsphp
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0746

    Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerab... Read more

    Affected Products : openview
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293620 Results