Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0482

    Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.... Read more

    Affected Products : netsupport_manager
    • EPSS Score: %1.33
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2002-0429

    The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0512

    startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.... Read more

    • EPSS Score: %0.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0534

    PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.... Read more

    Affected Products : postboard
    • EPSS Score: %0.89
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0744

    namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.... Read more

    Affected Products : aix
    • EPSS Score: %0.61
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0660

    Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-07... Read more

    Affected Products : linux libpng libpng3
    • EPSS Score: %0.96
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0825

    Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : nss_ldap
    • EPSS Score: %1.58
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0427

    Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.... Read more

    Affected Products : improved_mod_frontpage
    • EPSS Score: %0.47
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2002-0813

    Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.... Read more

    Affected Products : ios
    • EPSS Score: %10.05
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0656

    Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.... Read more

    • EPSS Score: %82.49
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0809

    Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs ... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.41
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0452

    Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be ... Read more

    Affected Products : serveriron
    • EPSS Score: %0.53
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0655

    OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    • EPSS Score: %0.61
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1208

    Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.... Read more

    Affected Products : netbsd openbsd linux immunix
    • EPSS Score: %0.05
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-0638

    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race conditio... Read more

    • EPSS Score: %0.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0466

    Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrow... Read more

    Affected Products : hosting_controller
    • EPSS Score: %0.77
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0644

    Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %9.07
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0467

    Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.... Read more

    Affected Products : ecartis listar
    • EPSS Score: %21.83
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0657

    Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.... Read more

    Affected Products : openssl
    • EPSS Score: %5.41
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0847

    tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).... Read more

    Affected Products : tinyproxy
    • EPSS Score: %2.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291638 Results