Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2004-0095

    McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.... Read more

    Affected Products : epolicy_orchestrator
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0989

    tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.... Read more

    Affected Products : linux tcpdump
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1031

    Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation."... Read more

    Affected Products : vbulletin
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0065

    Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php.... Read more

    Affected Products : phpgedview
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0072

    Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request.... Read more

    Affected Products : accipiter_direct_server
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0819

    Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test s... Read more

    Affected Products : proxy_server
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0965

    Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.... Read more

    Affected Products : mailman
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2004-0074

    Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949.... Read more

    Affected Products : xsok
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2003-0924

    netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.... Read more

    Affected Products : netpbm
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0988

    Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.... Read more

    Affected Products : linux kde
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2004-0064

    The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.... Read more

    Affected Products : suse_linux
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2004-0001

    Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2004-0049

    Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port.... Read more

    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0054

    Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 pro... Read more

    Affected Products : ios
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2004-0091

    NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. ... Read more

    Affected Products : vbulletin
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0070

    PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.... Read more

    Affected Products : ezcontents
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0061

    WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.... Read more

    Affected Products : www_file_share_pro
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2004-0057

    The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used... Read more

    Affected Products : tcpdump
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0063

    The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by acceptin... Read more

    Affected Products : payshield_spp_library
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2004-0073

    PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that co... Read more

    Affected Products : easydynamicpages
    • Published: Feb. 17, 2004
    • Modified: Apr. 03, 2025
Showing 20 of 294824 Results