Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0974

    Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using ... Read more

    Affected Products : applied_watch_command_center
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0939

    eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which ... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0945

    The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0971

    GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.... Read more

    Affected Products : privacy_guard
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0961

    Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0824

    Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain reque... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0962

    Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.... Read more

    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0812

    Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated usin... Read more

    Affected Products : windows_2000 windows_xp
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0795

    The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to th... Read more

    Affected Products : quagga linux propack zebra
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0938

    vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0947

    Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.... Read more

    Affected Products : wireless_tools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0970

    The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.... Read more

    Affected Products : sun_fire
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0936

    Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.... Read more

    Affected Products : pcanywhere
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1056

    The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1057

    Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 08, 2003
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2003-1058

    The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on tempor... Read more

    Affected Products : solaris sunos
    • Published: Dec. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0834

    Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.... Read more

    Affected Products : unixware open_unix
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0622

    The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX.... Read more

    Affected Products : weblogic_server tuxedo
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0927

    Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.... Read more

    Affected Products : linux ethereal
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2003-0935

    Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.... Read more

    Affected Products : net-snmp linux
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 294537 Results