Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2003-0631

    VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.... Read more

    Affected Products : workstation gsx_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0646

    Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.... Read more

    Affected Products : housecall damage_cleanup_server
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0642

    WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory.... Read more

    Affected Products : serverlock
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0645

    man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.... Read more

    Affected Products : man
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0651

    Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : mod_mylo
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0657

    Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions.... Read more

    Affected Products : phpgroupware
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0672

    Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.... Read more

    Affected Products : pam-pgsql
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0652

    Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.... Read more

    Affected Products : xtokkaetama
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0677

    Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."... Read more

    Affected Products : webns
    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-0462

    A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).... Read more

    • Published: Aug. 27, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1063

    The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.... Read more

    Affected Products : solaris sunos
    • Published: Aug. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1202

    The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.... Read more

    Affected Products : omail_webmail
    • Published: Aug. 19, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0177

    SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.... Read more

    Affected Products : irix
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0516

    cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.... Read more

    Affected Products : mgetty
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0496

    Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.... Read more

    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0557

    SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.... Read more

    Affected Products : storefront
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0519

    Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.... Read more

    Affected Products : internet_explorer
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0581

    X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges ... Read more

    Affected Products : xfstt
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2003-0192

    Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could ... Read more

    Affected Products : http_server
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0577

    mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.... Read more

    Affected Products : mpg123
    • Published: Aug. 18, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293639 Results