Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0331

    Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.... Read more

    Affected Products : bpm_studio_pro
    • EPSS Score: %3.06
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0352

    Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.... Read more

    Affected Products : phorum
    • EPSS Score: %0.58
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0324

    Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password ... Read more

    Affected Products : graymatter
    • EPSS Score: %1.05
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1300

    Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command.... Read more

    Affected Products : dynu_ftp_server
    • EPSS Score: %0.40
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0340

    Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unau... Read more

    Affected Products : windows_media_player
    • EPSS Score: %4.11
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0312

    Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.... Read more

    Affected Products : essentia_web_server
    • EPSS Score: %3.01
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0347

    Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.... Read more

    • EPSS Score: %7.64
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0325

    Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL.... Read more

    Affected Products : badblue
    • EPSS Score: %6.72
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0319

    Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username.... Read more

    Affected Products : pforum
    • EPSS Score: %8.22
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0338

    The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.... Read more

    Affected Products : the_bat
    • EPSS Score: %9.00
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.4

    MEDIUM
    CVE-2002-0337

    RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.... Read more

    Affected Products : realplayer
    • EPSS Score: %1.02
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0323

    comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.... Read more

    Affected Products : scriptease_webserver
    • EPSS Score: %0.38
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0329

    Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.... Read more

    Affected Products : snitz_forums_2000
    • EPSS Score: %23.70
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0320

    Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.... Read more

    Affected Products : messenger
    • EPSS Score: %10.31
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0314

    fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.... Read more

    Affected Products : grokster kazaa morpheus
    • EPSS Score: %0.74
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0317

    Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter.... Read more

    Affected Products : gator
    • EPSS Score: %0.44
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0354

    The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result us... Read more

    Affected Products : mozilla navigator
    • EPSS Score: %0.38
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0335

    Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request.... Read more

    • EPSS Score: %8.65
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0348

    service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.... Read more

    • EPSS Score: %5.59
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0313

    Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL.... Read more

    Affected Products : essentia_web_server
    • EPSS Score: %10.21
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291634 Results