Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2002-0710

    Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter.... Read more

    Affected Products : sendform.cgi
    • EPSS Score: %4.60
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0698

    Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow i... Read more

    Affected Products : exchange_server
    • EPSS Score: %17.12
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0650

    The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system,... Read more

    Affected Products : sql_server sql_server
    • EPSS Score: %25.22
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0649

    Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte ... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %86.64
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0618

    The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script E... Read more

    Affected Products : office excel
    • EPSS Score: %17.28
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2002-0616

    The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."... Read more

    Affected Products : office excel
    • EPSS Score: %10.82
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0814

    Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.... Read more

    Affected Products : gsx_server
    • EPSS Score: %14.02
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0510

    The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %1.04
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0504

    Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.as... Read more

    Affected Products : nfuse
    • EPSS Score: %6.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0483

    index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.11
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0454

    Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop.... Read more

    Affected Products : qpopper
    • EPSS Score: %5.48
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2002-0422

    IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 20... Read more

    Affected Products : internet_information_services
    • EPSS Score: %48.52
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0419

    Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as... Read more

    • EPSS Score: %47.26
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0413

    Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script.... Read more

    Affected Products : rebb
    • EPSS Score: %3.06
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0416

    Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.... Read more

    Affected Products : mailserver
    • EPSS Score: %5.38
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0428

    Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.... Read more

    • EPSS Score: %0.46
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0411

    Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.... Read more

    Affected Products : aeromail
    • EPSS Score: %0.89
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0463

    home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message.... Read more

    Affected Products : arsc_really_simple_chat
    • EPSS Score: %0.66
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2002-0457

    Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote attackers to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) lo... Read more

    Affected Products : bg_guestbook
    • EPSS Score: %1.30
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0619

    The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word... Read more

    Affected Products : office
    • EPSS Score: %19.69
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291756 Results