Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0319

    Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username.... Read more

    Affected Products : pforum
    • EPSS Score: %8.22
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0336

    Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters.... Read more

    • EPSS Score: %7.31
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0321

    Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.... Read more

    Affected Products : messenger
    • EPSS Score: %2.33
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0349

    Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.... Read more

    Affected Products : tiny_personal_firewall
    • EPSS Score: %0.07
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0322

    Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.... Read more

    Affected Products : messenger
    • EPSS Score: %0.72
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0327

    Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.... Read more

    Affected Products : term
    • EPSS Score: %0.13
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0344

    Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.... Read more

    Affected Products : liveupdate
    • EPSS Score: %1.15
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0345

    Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.... Read more

    Affected Products : norton_ghost
    • EPSS Score: %0.61
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0006

    XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the ... Read more

    Affected Products : xchat linux
    • EPSS Score: %8.63
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0611

    Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.... Read more

    Affected Products : fileseek
    • EPSS Score: %5.45
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0577

    Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0590

    Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.... Read more

    Affected Products : icredibb
    • EPSS Score: %3.06
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0591

    Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %9.74
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0603

    Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denial of service (IPSEC crash) via a zero length packet to UDP port 500.... Read more

    Affected Products : snapgear_lite\+_firewall
    • EPSS Score: %0.91
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0588

    PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php.... Read more

    Affected Products : pvote
    • EPSS Score: %5.05
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0592

    AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %0.72
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0608

    Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.... Read more

    Affected Products : matu_ftp
    • EPSS Score: %3.81
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0612

    FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.... Read more

    Affected Products : fileseek
    • EPSS Score: %9.92
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0589

    PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.... Read more

    Affected Products : pvote
    • EPSS Score: %6.41
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0598

    Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.... Read more

    Affected Products : fscan
    • EPSS Score: %4.33
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291625 Results