Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1123

    Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %89.14
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0982

    Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.... Read more

    Affected Products : sql_server
    • EPSS Score: %8.64
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0722

    Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %5.73
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0971

    Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box.... Read more

    Affected Products : tightvnc winvnc_server tridiavnc
    • EPSS Score: %0.09
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-0976

    Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the apple... Read more

    Affected Products : internet_explorer
    • EPSS Score: %57.72
    • Published: Sep. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1612

    Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1615

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.09
    • Published: Sep. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1613

    Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.08
    • Published: Sep. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1614

    Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.90
    • Published: Sep. 09, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2002-0725

    NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %0.66
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0858

    catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges.... Read more

    Affected Products : oracle8i oracle9i
    • EPSS Score: %0.40
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0852

    Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a l... Read more

    Affected Products : vpn_client
    • EPSS Score: %0.71
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0857

    Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora... Read more

    Affected Products : database_server oracle8i
    • EPSS Score: %2.31
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0851

    Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a cal... Read more

    Affected Products : isdn4linux
    • EPSS Score: %0.64
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0871

    xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.... Read more

    Affected Products : linux xinetd
    • EPSS Score: %0.11
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0721

    Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator pri... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %54.35
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0874

    Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.... Read more

    Affected Products : interchange
    • EPSS Score: %4.30
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0859

    Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : sql_server jet
    • EPSS Score: %35.66
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0632

    Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.... Read more

    Affected Products : irix
    • EPSS Score: %0.71
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0093

    Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.... Read more

    Affected Products : tru64
    • EPSS Score: %0.46
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results