Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1527

    emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.... Read more

    Affected Products : emu_webmail
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1517

    fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.... Read more

    Affected Products : irix freeware
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1506

    Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.... Read more

    Affected Products : linuxconf
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1498

    Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitrary files via a URL containing .. sequences with "/" or "\" characters.... Read more

    Affected Products : swserver
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1505

    SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.... Read more

    Affected Products : burning_board
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1521

    Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges.... Read more

    Affected Products : web_server_4d
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1522

    Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.... Read more

    Affected Products : powerftp
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1524

    Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.... Read more

    Affected Products : winamp
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0162

    Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.... Read more

    Affected Products : ecartis
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1561

    The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.... Read more

    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1520

    The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privil... Read more

    Affected Products : firebox rapidstream
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0091

    Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.... Read more

    Affected Products : solaris sunos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0092

    Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.... Read more

    Affected Products : solaris sunos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1516

    rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : irix
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0166

    Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfr... Read more

    Affected Products : php
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0030

    The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0168

    Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.... Read more

    Affected Products : quicktime
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0153

    bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.... Read more

    Affected Products : bonsai
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0181

    Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.... Read more

    Affected Products : lotus_domino_web_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2002-1518

    mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.... Read more

    Affected Products : irix
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293508 Results