Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2003-0201

    Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.... Read more

    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0173

    xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.... Read more

    Affected Products : irix xfsdump
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0207

    ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.... Read more

    Affected Products : gs-common
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0209

    Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.... Read more

    Affected Products : snort smoothwall
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0208

    Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.... Read more

    Affected Products : flash
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0211

    Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.... Read more

    Affected Products : xinetd
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0111

    The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in ... Read more

    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0196

    Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.... Read more

    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0171

    DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0204

    KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.... Read more

    Affected Products : kde
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2003-0198

    Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 05, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1070

    Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).... Read more

    Affected Products : solaris sunos
    • Published: Apr. 28, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-1072

    Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).... Read more

    Affected Products : solaris sunos
    • Published: Apr. 28, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1471

    The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-mi... Read more

    Affected Products : evolution
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1465

    SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.... Read more

    Affected Products : b2
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1467

    Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).... Read more

    Affected Products : flash_player shockwave
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1470

    SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.... Read more

    Affected Products : shoutcast_server
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1464

    Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable.... Read more

    Affected Products : b2
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1469

    scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environmen... Read more

    Affected Products : scponly
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1481

    savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.... Read more

    Affected Products : phpgb
    • Published: Apr. 22, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293953 Results