Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-0721

    Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator pri... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %54.35
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1605

    Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %27.59
    • Published: Sep. 02, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1604

    Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliv... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %46.02
    • Published: Sep. 02, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1607

    Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.15
    • Published: Aug. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1608

    Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.15
    • Published: Aug. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1609

    Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.13
    • Published: Aug. 30, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1611

    Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.14
    • Published: Aug. 30, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1606

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.20
    • Published: Aug. 30, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1610

    Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.... Read more

    Affected Products : hp-ux tru64
    • EPSS Score: %0.13
    • Published: Aug. 30, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1353

    LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst.... Read more

    Affected Products : localweb2000
    • EPSS Score: %0.36
    • Published: Aug. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1451

    Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.... Read more

    Affected Products : blazix
    • EPSS Score: %5.78
    • Published: Aug. 24, 2002
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2002-1444

    The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorr... Read more

    Affected Products : internet_explorer toolbar
    • EPSS Score: %17.10
    • Published: Aug. 15, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1453

    Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.... Read more

    Affected Products : mywebserver
    • EPSS Score: %0.66
    • Published: Aug. 14, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1452

    Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.... Read more

    Affected Products : mywebserver
    • EPSS Score: %5.58
    • Published: Aug. 14, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0461

    Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %12.07
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0469

    Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.... Read more

    Affected Products : ecartis listar
    • EPSS Score: %0.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0480

    ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have conn... Read more

    Affected Products : realsecure_nokia
    • EPSS Score: %0.99
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0520

    Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.... Read more

    Affected Products : asp-nuke
    • EPSS Score: %1.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0731

    Cross-site scripting vulnerability in demonstration scripts for vqServer allows remote attackers to execute arbitrary script via a link that contains the script in arguments to demo scripts such as respond.pl.... Read more

    Affected Products : vqserver
    • EPSS Score: %3.06
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0735

    Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.... Read more

    Affected Products : nss_ldap pam_ldap squid_auth_ldap
    • EPSS Score: %2.34
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291722 Results