Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2002-2321

    Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.... Read more

    Affected Products : phplinkat
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-2423

    Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.... Read more

    Affected Products : sendmail
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2414

    Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial o... Read more

    Affected Products : squid opera
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.9

    MEDIUM
    CVE-2002-2405

    Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.... Read more

    Affected Products : firewall-1
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1927

    Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file.... Read more

    Affected Products : aquonics_file_manager
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1730

    ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".... Read more

    Affected Products : aspjar_guestbook
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2002-2312

    Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage.... Read more

    Affected Products : opera
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1854

    Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field.... Read more

    Affected Products : rlaj_whois
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2383

    SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names.... Read more

    Affected Products : f2html.pl
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2034

    The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments.... Read more

    Affected Products : procmail_email_sanitizer
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1980

    Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2318

    Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.... Read more

    Affected Products : falcon_web_server
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1573

    Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."... Read more

    Affected Products : linux_kernel
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1665

    Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field.... Read more

    Affected Products : messenger
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1987

    Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot).... Read more

    Affected Products : resin
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1650

    The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.... Read more

    Affected Products : squirrelmail
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2393

    Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.... Read more

    Affected Products : serv-u_file_server
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2341

    Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.... Read more

    Affected Products : soho3
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1954

    Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php.... Read more

    Affected Products : php
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2107

    Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.... Read more

    Affected Products : openkeyserver
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293261 Results