Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0171

    IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.... Read more

    Affected Products : irisconsole
    • EPSS Score: %1.53
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0198

    Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename.... Read more

    Affected Products : ripmime inflex
    • EPSS Score: %5.63
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-0184

    Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.... Read more

    Affected Products : debian_linux sudo
    • EPSS Score: %0.21
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0230

    Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.... Read more

    Affected Products : faq-o-matic
    • EPSS Score: %4.38
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0217

    Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.... Read more

    Affected Products : xoops
    • EPSS Score: %1.29
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-0196

    GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.... Read more

    Affected Products : cwpapi
    • EPSS Score: %0.44
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0210

    setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.... Read more

    Affected Products : bru
    • EPSS Score: %0.14
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0200

    Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.... Read more

    Affected Products : cyberstop_web_server
    • EPSS Score: %2.57
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0154

    Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.... Read more

    Affected Products : sql_server sql_server
    • EPSS Score: %27.95
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0157

    Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.... Read more

    Affected Products : nautilus
    • EPSS Score: %0.07
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0197

    psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the "[B]" sequence, which makes the message appear legitimate.... Read more

    Affected Products : psybnc
    • EPSS Score: %0.87
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0231

    Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname.... Read more

    Affected Products : mirc
    • EPSS Score: %1.80
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0223

    Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension.... Read more

    Affected Products : ultimate_bulletin_board wwwthreads
    • EPSS Score: %0.86
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0221

    Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.... Read more

    Affected Products : eserv
    • EPSS Score: %0.74
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0227

    KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.... Read more

    Affected Products : kde kicq
    • EPSS Score: %4.72
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0215

    Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.... Read more

    Affected Products : agora.cgi
    • EPSS Score: %8.20
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1056

    Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary script... Read more

    Affected Products : word outlook
    • EPSS Score: %16.38
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0203

    ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.... Read more

    Affected Products : tarantella_enterprise
    • EPSS Score: %0.71
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0229

    Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.... Read more

    Affected Products : php
    • EPSS Score: %7.72
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0185

    mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.... Read more

    Affected Products : mod_python
    • EPSS Score: %4.63
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291401 Results