Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 5.0

    MEDIUM
    CVE-2002-0794

    The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of ... Read more

    Affected Products : freebsd
    • EPSS Score: %0.90
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-0785

    AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %2.24
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0764

    Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.... Read more

    Affected Products : phorum
    • EPSS Score: %20.92
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0758

    ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.... Read more

    Affected Products : suse_linux
    • EPSS Score: %1.09
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2002-0697

    Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.... Read more

    Affected Products : windows_2000 metadirectory_services
    • EPSS Score: %17.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0825

    Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : nss_ldap
    • EPSS Score: %1.58
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0660

    Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-07... Read more

    Affected Products : linux libpng libpng3
    • EPSS Score: %0.96
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.1

    HIGH
    CVE-2002-0813

    Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.... Read more

    Affected Products : ios
    • EPSS Score: %10.05
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2002-0427

    Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.... Read more

    Affected Products : improved_mod_frontpage
    • EPSS Score: %0.47
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0765

    sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.... Read more

    Affected Products : openssh openbsd
    • EPSS Score: %0.60
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0738

    MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argumen... Read more

    Affected Products : mhonarc
    • EPSS Score: %1.14
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0822

    Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.... Read more

    Affected Products : linux ethereal
    • EPSS Score: %0.64
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0749

    CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field.... Read more

    Affected Products : csmailto
    • EPSS Score: %6.61
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2002-0495

    csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.... Read more

    Affected Products : cssearch_professional
    • EPSS Score: %15.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2002-0466

    Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrow... Read more

    Affected Products : hosting_controller
    • EPSS Score: %0.77
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0695

    Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.... Read more

    • EPSS Score: %13.25
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 6.2

    MEDIUM
    CVE-2002-0638

    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race conditio... Read more

    • EPSS Score: %0.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2000-1208

    Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.... Read more

    Affected Products : netbsd openbsd linux immunix
    • EPSS Score: %0.05
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2002-0657

    Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.... Read more

    Affected Products : openssl
    • EPSS Score: %5.41
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2002-0467

    Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.... Read more

    Affected Products : ecartis listar
    • EPSS Score: %21.83
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291562 Results