Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0558

    Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters.... Read more

    Affected Products : typsoft_ftp_server
    • EPSS Score: %2.26
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0545

    Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.... Read more

    Affected Products : aironet_ap350 aironet_ap340
    • EPSS Score: %0.87
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0563

    The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5)... Read more

    • EPSS Score: %34.45
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0573

    Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be ... Read more

    Affected Products : solaris sunos
    • EPSS Score: %47.42
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0539

    Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.... Read more

    Affected Products : puresecure
    • EPSS Score: %0.70
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0535

    Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.... Read more

    Affected Products : postnuke postboard
    • EPSS Score: %7.92
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0552

    Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configurat... Read more

    Affected Products : melange_chat_system
    • EPSS Score: %1.56
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0572

    FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused ... Read more

    Affected Products : solaris sunos freebsd openbsd
    • EPSS Score: %0.28
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0570

    The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %0.12
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0537

    The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.... Read more

    Affected Products : sws
    • EPSS Score: %1.27
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0542

    mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.36
    • Published: Jul. 03, 2002
    • Modified: Apr. 03, 2025

  • 5.4

    MEDIUM
    CVE-2002-0337

    RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.... Read more

    Affected Products : realplayer
    • EPSS Score: %1.02
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0319

    Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username.... Read more

    Affected Products : pforum
    • EPSS Score: %8.22
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0347

    Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.... Read more

    • EPSS Score: %7.64
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0338

    The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.... Read more

    Affected Products : the_bat
    • EPSS Score: %9.00
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0329

    Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.... Read more

    Affected Products : snitz_forums_2000
    • EPSS Score: %23.70
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0352

    Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.... Read more

    Affected Products : phorum
    • EPSS Score: %0.58
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0331

    Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.... Read more

    Affected Products : bpm_studio_pro
    • EPSS Score: %3.06
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0353

    The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.... Read more

    Affected Products : ethereal
    • EPSS Score: %1.48
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0332

    Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell... Read more

    Affected Products : xtell
    • EPSS Score: %5.34
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291398 Results