Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-0075

    Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk.... Read more

    Affected Products : bladeenc
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0046

    AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.... Read more

    Affected Products : absolutetelnet
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2003-0018

    Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.... Read more

    Affected Products : linux_kernel linux
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0074

    Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog.... Read more

    Affected Products : plptools
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-1508

    slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.... Read more

    Affected Products : openldap
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-1328

    The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security V... Read more

    Affected Products : internet_explorer ie
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0040

    SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.... Read more

    Affected Products : courier_mta courier-imap
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0669

    The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify th... Read more

    Affected Products : xpressa
    • Published: Feb. 19, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1079

    Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allo... Read more

    Affected Products : solaris sunos
    • Published: Feb. 18, 2003
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2003-1080

    Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0035

    Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument.... Read more

    Affected Products : escputil
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0003

    Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter informat... Read more

    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0017

    Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.... Read more

    Affected Products : http_server
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2003-0036

    ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d".... Read more

    Affected Products : ml85p
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0027

    Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0015

    Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-pr... Read more

    Affected Products : freebsd cvs
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0016

    Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.... Read more

    Affected Products : http_server
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0044

    Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.... Read more

    Affected Products : tomcat
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0007

    Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certif... Read more

    Affected Products : outlook
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0002

    Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.... Read more

    Affected Products : content_management_server
    • Published: Feb. 07, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293609 Results