Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2002-0987

    X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.15
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1125

    FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.21
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0975

    Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter.... Read more

    Affected Products : directx_files_viewer_control
    • EPSS Score: %9.98
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0727

    The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.... Read more

    Affected Products : project office_web_components
    • EPSS Score: %9.52
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0980

    The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error mes... Read more

    Affected Products : internet_explorer outlook_express
    • EPSS Score: %40.45
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0988

    Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %1.00
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0726

    Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field.... Read more

    Affected Products : tsac_activex_control
    • EPSS Score: %18.75
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0376

    Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.... Read more

    Affected Products : quicktime
    • EPSS Score: %3.82
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0861

    Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object.... Read more

    Affected Products : project office_web_components
    • EPSS Score: %6.15
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0982

    Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.... Read more

    Affected Products : sql_server
    • EPSS Score: %8.64
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0989

    The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.... Read more

    Affected Products : linux gaim
    • EPSS Score: %4.95
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1612

    Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1615

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.09
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1613

    Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1614

    Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.90
    • Published: Sep. 09, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0851

    Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a cal... Read more

    Affected Products : isdn4linux
    • EPSS Score: %0.64
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0857

    Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora... Read more

    Affected Products : database_server oracle8i
    • EPSS Score: %2.31
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0871

    xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.... Read more

    Affected Products : linux xinetd
    • EPSS Score: %0.11
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0632

    Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.... Read more

    Affected Products : irix
    • EPSS Score: %0.71
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0859

    Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : sql_server jet
    • EPSS Score: %35.66
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291638 Results