Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2002-1478

    Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.... Read more

    Affected Products : cacti
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1477

    graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.... Read more

    Affected Products : cacti
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1482

    SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.... Read more

    Affected Products : phpgb
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1466

    CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable.... Read more

    Affected Products : b2
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1468

    Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.... Read more

    Affected Products : aix
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1475

    Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service.... Read more

    Affected Products : tru64
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1473

    Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : hp-ux
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1054

    mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.... Read more

    Affected Products : mod_access_referer
    • Published: Apr. 16, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1439

    Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.... Read more

    Affected Products : virtualvault vvos
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1406

    Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."... Read more

    Affected Products : hp-ux
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1414

    Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.... Read more

    Affected Products : qmailadmin
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1441

    Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .a... Read more

    Affected Products : steelarrow
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1409

    ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."... Read more

    Affected Products : hp-ux
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1418

    Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.... Read more

    Affected Products : netware small_business_suite
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1420

    Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned i... Read more

    Affected Products : openbsd openbsd
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1440

    The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges.... Read more

    Affected Products : gs-400
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1435

    class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the config_atkroot parameter that points to the code.... Read more

    Affected Products : achievo
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1434

    Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.... Read more

    Affected Products : kerio_mailserver
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1443

    The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.... Read more

    Affected Products : toolbar
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1427

    The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.... Read more

    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293507 Results