Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0580

    WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.... Read more

    Affected Products : xpede
    • EPSS Score: %0.85
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0604

    Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.... Read more

    Affected Products : snapgear_lite\+_firewall
    • EPSS Score: %0.91
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0589

    PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.... Read more

    Affected Products : pvote
    • EPSS Score: %6.41
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0591

    Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %9.74
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0611

    Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.... Read more

    Affected Products : fileseek
    • EPSS Score: %5.45
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0575

    Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.... Read more

    Affected Products : openssh
    • EPSS Score: %3.40
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0389

    Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.... Read more

    Affected Products : mailman
    • EPSS Score: %0.17
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0388

    Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.... Read more

    Affected Products : mailman
    • EPSS Score: %3.15
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0603

    Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denial of service (IPSEC crash) via a zero length packet to UDP port 500.... Read more

    Affected Products : snapgear_lite\+_firewall
    • EPSS Score: %0.91
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0577

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0590

    Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.... Read more

    Affected Products : icredibb
    • EPSS Score: %3.06
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0601

    ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer.... Read more

    • EPSS Score: %1.31
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0578

    Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password.... Read more

    Affected Products : 4d_webserver
    • EPSS Score: %1.34
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0614

    PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.... Read more

    Affected Products : php-survey
    • EPSS Score: %0.81
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0608

    Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.... Read more

    Affected Products : matu_ftp
    • EPSS Score: %3.81
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0609

    Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.... Read more

    Affected Products : mpe_ix
    • EPSS Score: %1.52
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0607

    members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.... Read more

    Affected Products : snitz_forums_2000
    • EPSS Score: %1.74
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0357

    Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.... Read more

    Affected Products : irix
    • EPSS Score: %0.09
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0599

    Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.... Read more

    Affected Products : blahz-dns
    • EPSS Score: %4.75
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0598

    Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.... Read more

    Affected Products : fscan
    • EPSS Score: %4.33
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291601 Results