Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0614

    PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.... Read more

    Affected Products : php-survey
    • EPSS Score: %0.81
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0604

    Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.... Read more

    Affected Products : snapgear_lite\+_firewall
    • EPSS Score: %0.91
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0601

    ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer.... Read more

    • EPSS Score: %1.31
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0588

    PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php.... Read more

    Affected Products : pvote
    • EPSS Score: %5.05
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0592

    AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %0.72
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0575

    Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.... Read more

    Affected Products : openssh
    • EPSS Score: %3.40
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0403

    DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.... Read more

    Affected Products : ethereal
    • EPSS Score: %1.82
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0404

    Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).... Read more

    Affected Products : ethereal
    • EPSS Score: %1.82
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0400

    ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.... Read more

    Affected Products : bind
    • EPSS Score: %27.73
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0591

    Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %9.74
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0611

    Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.... Read more

    Affected Products : fileseek
    • EPSS Score: %5.45
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0389

    Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.... Read more

    Affected Products : mailman
    • EPSS Score: %0.17
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0603

    Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denial of service (IPSEC crash) via a zero length packet to UDP port 500.... Read more

    Affected Products : snapgear_lite\+_firewall
    • EPSS Score: %0.91
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0590

    Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.... Read more

    Affected Products : icredibb
    • EPSS Score: %3.06
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0577

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0598

    Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.... Read more

    Affected Products : fscan
    • EPSS Score: %4.33
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0599

    Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.... Read more

    Affected Products : blahz-dns
    • EPSS Score: %4.75
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0587

    Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters.... Read more

    Affected Products : aol_server
    • EPSS Score: %1.90
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0357

    Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.... Read more

    Affected Products : irix
    • EPSS Score: %0.09
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0581

    WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.... Read more

    Affected Products : xpede
    • EPSS Score: %1.65
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291400 Results