Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2003-0072

    The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an arr... Read more

    Affected Products : kerberos_5 kerberos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2003-0141

    The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed d... Read more

    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0083

    Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to ... Read more

    Affected Products : http_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0179

    Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control... Read more

    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0152

    Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.... Read more

    Affected Products : bonsai
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0168

    Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.... Read more

    Affected Products : quicktime
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0181

    Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.... Read more

    Affected Products : lotus_domino_web_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0153

    bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.... Read more

    Affected Products : bonsai
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0091

    Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.... Read more

    Affected Products : solaris sunos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0092

    Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.... Read more

    Affected Products : solaris sunos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2002-1518

    mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.... Read more

    Affected Products : irix
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1485

    The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C".... Read more

    Affected Products : trillian
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1498

    Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitrary files via a URL containing .. sequences with "/" or "\" characters.... Read more

    Affected Products : swserver
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1506

    Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.... Read more

    Affected Products : linuxconf
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1505

    SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.... Read more

    Affected Products : burning_board
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1514

    gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.... Read more

    Affected Products : interbase
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1523

    Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read arbitrary files via (1) ../ (dot-dot slash) or (2) ..\ (dot-dot backslash) sequences.... Read more

    Affected Products : mini_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1521

    Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges.... Read more

    Affected Products : web_server_4d
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1502

    Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file.... Read more

    Affected Products : xbreaky
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1494

    Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message.... Read more

    Affected Products : html_os
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293508 Results