Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2002-0932

    SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) update... Read more

    Affected Products : myhelpdesk
    • EPSS Score: %0.33
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1054

    Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.... Read more

    Affected Products : pablo_ftp_server
    • EPSS Score: %6.68
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0964

    Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from co... Read more

    • EPSS Score: %6.28
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0933

    Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.... Read more

    Affected Products : bookit_consumer
    • EPSS Score: %1.40
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0908

    Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request.... Read more

    Affected Products : ids_device_manager
    • EPSS Score: %16.60
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0696

    Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames.... Read more

    Affected Products : visual_foxpro
    • EPSS Score: %18.25
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0945

    Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : devwex
    • EPSS Score: %2.44
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1085

    Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities.... Read more

    Affected Products : ezcontents
    • EPSS Score: %0.72
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1134

    Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.... Read more

    Affected Products : webes_service_tools
    • EPSS Score: %1.25
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0878

    SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field.... Read more

    Affected Products : dns_manager_system hawk-i
    • EPSS Score: %0.81
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1128

    Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.... Read more

    Affected Products : osf_1 ultrix
    • EPSS Score: %0.15
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0948

    Scripts For Educators MakeBook 2.2 CGI program allows remote attackers to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered.... Read more

    Affected Products : makebook
    • EPSS Score: %7.50
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1105

    Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.... Read more

    Affected Products : vpn_client
    • EPSS Score: %0.10
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0960

    Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users.... Read more

    Affected Products : cbms
    • EPSS Score: %1.68
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1099

    Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.... Read more

    • EPSS Score: %0.51
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1084

    The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.... Read more

    Affected Products : ezcontents
    • EPSS Score: %1.31
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1076

    Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.... Read more

    Affected Products : imail
    • EPSS Score: %28.49
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1075

    Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.... Read more

    Affected Products : pegasus_mail
    • EPSS Score: %11.42
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1072

    ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.... Read more

    Affected Products : prestige
    • EPSS Score: %5.42
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1070

    Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter.... Read more

    Affected Products : php-wiki
    • EPSS Score: %3.99
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291822 Results