Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0008

    Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to ent... Read more

    Affected Products : bugzilla
    • EPSS Score: %2.14
    • Published: Jan. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0046

    Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet.... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %1.20
    • Published: Jan. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0011

    Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.93
    • Published: Jan. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0891

    Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.... Read more

    Affected Products : unicos nqsdaemon
    • EPSS Score: %0.05
    • Published: Jan. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0009

    show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.86
    • Published: Jan. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1457

    Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable.... Read more

    Affected Products : crazywwwboard
    • EPSS Score: %6.03
    • Published: Jan. 30, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-0887

    xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.... Read more

    Affected Products : linux xsane
    • EPSS Score: %0.08
    • Published: Jan. 15, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1091

    UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack.... Read more

    Affected Products : tin rtin
    • EPSS Score: %0.52
    • Published: Jan. 15, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1081

    Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.... Read more

    Affected Products : web_server
    • EPSS Score: %1.77
    • Published: Jan. 15, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0077

    Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the pop... Read more

    Affected Products : internet_explorer
    • EPSS Score: %8.14
    • Published: Jan. 13, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0061

    Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.08
    • Published: Jan. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1595

    Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • EPSS Score: %0.39
    • Published: Jan. 09, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1596

    Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • EPSS Score: %0.84
    • Published: Jan. 09, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1600

    Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter.... Read more

    Affected Products : my_classifieds
    • EPSS Score: %1.16
    • Published: Jan. 09, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1597

    Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • EPSS Score: %1.00
    • Published: Jan. 09, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1594

    Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument.... Read more

    Affected Products : grpck pwck
    • EPSS Score: %0.14
    • Published: Jan. 02, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1540

    IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.... Read more

    Affected Products : iproute
    • EPSS Score: %0.66
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1578

    Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.... Read more

    Affected Products : openserver
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1527

    easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access.... Read more

    Affected Products : easynews
    • EPSS Score: %0.06
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1525

    Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.... Read more

    Affected Products : easynews
    • EPSS Score: %4.43
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results