Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0209

    Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send ... Read more

    Affected Products : alteon_acedirector
    • EPSS Score: %6.75
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0219

    Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.... Read more

    • EPSS Score: %0.15
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-0211

    Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before i... Read more

    Affected Products : tarantella_enterprise
    • EPSS Score: %0.17
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0205

    Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.... Read more

    Affected Products : plumtree_corporate_portal
    • EPSS Score: %0.74
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0216

    userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.... Read more

    Affected Products : xoops
    • EPSS Score: %0.83
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0221

    Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.... Read more

    Affected Products : eserv
    • EPSS Score: %0.74
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0154

    Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.... Read more

    Affected Products : sql_server sql_server
    • EPSS Score: %27.95
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0157

    Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.... Read more

    Affected Products : nautilus
    • EPSS Score: %0.07
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0172

    /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).... Read more

    Affected Products : irix
    • EPSS Score: %0.22
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0222

    Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.... Read more

    Affected Products : eserv
    • EPSS Score: %0.72
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1592

    The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.... Read more

    Affected Products : http_server
    • EPSS Score: %4.84
    • Published: May. 06, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1570

    Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.... Read more

    Affected Products : openserver
    • EPSS Score: %0.05
    • Published: May. 01, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1602

    Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.... Read more

    Affected Products : screen
    • EPSS Score: %0.12
    • Published: Apr. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0152

    Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5... Read more

    • EPSS Score: %22.55
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0159

    Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administ... Read more

    Affected Products : secure_access_control_server
    • EPSS Score: %2.34
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0037

    Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object.... Read more

    Affected Products : lotus_domino_server
    • EPSS Score: %0.60
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1621

    Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : aix
    • EPSS Score: %26.37
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0147

    Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."... Read more

    • EPSS Score: %34.35
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0071

    Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.... Read more

    • EPSS Score: %43.30
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0150

    Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.... Read more

    • EPSS Score: %43.26
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291589 Results