Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-0473

    db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.... Read more

    Affected Products : phpbb
    • EPSS Score: %14.54
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0740

    Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.... Read more

    Affected Products : slrn
    • EPSS Score: %0.19
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0494

    Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website name.... Read more

    Affected Products : websight_directory_system
    • EPSS Score: %0.87
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0471

    PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable.... Read more

    Affected Products : phpnettoolpack
    • EPSS Score: %3.76
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0420

    Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions.... Read more

    Affected Products : puretls
    • EPSS Score: %1.40
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 6.9

    MEDIUM
    CVE-2002-0824

    BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.... Read more

    Affected Products : point-to-point_protocol_daemon
    • EPSS Score: %0.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1445

    Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page.... Read more

    Affected Products : cern_httpd
    • EPSS Score: %0.52
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0830

    Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS ... Read more

    Affected Products : freebsd
    • EPSS Score: %1.27
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0781

    RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.... Read more

    Affected Products : bordermanager
    • EPSS Score: %0.68
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0774

    Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.... Read more

    Affected Products : hosting_controller
    • EPSS Score: %1.30
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0532

    EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters.... Read more

    • EPSS Score: %0.05
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0531

    Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.... Read more

    • EPSS Score: %2.30
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2002-0521

    Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web... Read more

    Affected Products : asp-nuke
    • EPSS Score: %1.41
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0508

    wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog.... Read more

    Affected Products : wwwisis
    • EPSS Score: %4.43
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0451

    filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter.... Read more

    Affected Products : phpprojekt
    • EPSS Score: %5.77
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0777

    Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.... Read more

    Affected Products : imail
    • EPSS Score: %42.29
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0426

    VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.... Read more

    Affected Products : befvp41
    • EPSS Score: %0.72
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0505

    Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrec... Read more

    Affected Products : call_manager
    • EPSS Score: %0.82
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0660

    Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-07... Read more

    Affected Products : linux libpng libpng3
    • EPSS Score: %0.96
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0825

    Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : nss_ldap
    • EPSS Score: %1.58
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291722 Results