Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-2111

    Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet.... Read more

    Affected Products : fwmon
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2101

    Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag.... Read more

    Affected Products : outlook
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2095

    Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow.... Read more

    Affected Products : hellbent
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2127

    Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink.... Read more

    Affected Products : integrity_protection_driver
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2108

    Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail.... Read more

    Affected Products : vaio_manual_cybersupport
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-2089

    Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.... Read more

    Affected Products : solaris
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2143

    The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html.... Read more

    Affected Products : mysimplenews
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2106

    PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.... Read more

    Affected Products : wikkitikkitavi
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2094

    Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error message if the parent is incorrect, but a normal respons... Read more

    Affected Products : hellbent
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2083

    The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.... Read more

    Affected Products : netware
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2130

    publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : gallery
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2086

    Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an ... Read more

    Affected Products : squirrelmail
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2113

    search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the template parameter.... Read more

    Affected Products : htmlsearch
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-2087

    Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.... Read more

    Affected Products : interbase
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2107

    Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.... Read more

    Affected Products : openkeyserver
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2085

    Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.... Read more

    Affected Products : wwwebbb_forum
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2114

    Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call.... Read more

    Affected Products : netjuke
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2093

    The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.... Read more

    Affected Products : irix
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2065

    WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root.... Read more

    Affected Products : webcalendar
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2117

    Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP).... Read more

    Affected Products : windows_xp
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292763 Results