Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0118

    Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.... Read more

    Affected Products : ultimate_bulletin_board
    • EPSS Score: %3.06
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0120

    Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.... Read more

    Affected Products : palm_desktop
    • EPSS Score: %0.10
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0119

    Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.... Read more

    Affected Products : speed_touch_home
    • EPSS Score: %0.87
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0115

    Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote attackers to cause a denial of service (crash and core dump) via a malformed ICMP packet.... Read more

    Affected Products : snort
    • EPSS Score: %5.79
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0111

    Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.... Read more

    Affected Products : dinos_webserver
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0145

    chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.... Read more

    Affected Products : chuid
    • EPSS Score: %0.72
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0122

    Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.... Read more

    Affected Products : 3568i_wap
    • EPSS Score: %1.32
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0140

    Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possib... Read more

    Affected Products : dnrd
    • EPSS Score: %4.80
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0130

    Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.... Read more

    Affected Products : efax
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0117

    Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.... Read more

    Affected Products : yabb
    • EPSS Score: %6.89
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0100

    AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file.... Read more

    Affected Products : aol_server
    • EPSS Score: %0.66
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0114

    EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on t... Read more

    Affected Products : networker
    • EPSS Score: %0.07
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0097

    Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.... Read more

    Affected Products : geeklog
    • EPSS Score: %0.74
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0137

    CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0096

    The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privil... Read more

    Affected Products : geeklog
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0101

    Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %10.62
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0103

    An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.... Read more

    • EPSS Score: %0.09
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0106

    BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %6.04
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0094

    config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.... Read more

    Affected Products : bscw
    • EPSS Score: %1.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1222

    Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain.... Read more

    Affected Products : plesk_server_administrator
    • EPSS Score: %2.26
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results