Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0982

    Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.... Read more

    Affected Products : sql_server
    • EPSS Score: %8.64
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0989

    The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.... Read more

    Affected Products : linux gaim
    • EPSS Score: %4.95
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0974

    Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm.... Read more

    Affected Products : windows_xp
    • EPSS Score: %53.64
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1124

    Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables.... Read more

    Affected Products : purity
    • EPSS Score: %0.14
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0648

    The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %59.28
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1123

    Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %89.14
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0723

    Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Ta... Read more

    Affected Products : internet_explorer
    • EPSS Score: %24.17
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0981

    Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.34
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0978

    Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.... Read more

    Affected Products : file_transfer_manager
    • EPSS Score: %3.61
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0977

    Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value.... Read more

    Affected Products : file_transfer_manager
    • EPSS Score: %5.38
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1120

    Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : savant_web_server
    • EPSS Score: %76.54
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0988

    Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %1.00
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1612

    Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1615

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.09
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1613

    Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1614

    Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.90
    • Published: Sep. 09, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0851

    Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a cal... Read more

    Affected Products : isdn4linux
    • EPSS Score: %0.64
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0857

    Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora... Read more

    Affected Products : database_server oracle8i
    • EPSS Score: %2.31
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2002-0725

    NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %0.66
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0854

    Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.06
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291659 Results