Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1143

    Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Fla... Read more

    Affected Products : word excel
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1420

    Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned i... Read more

    Affected Products : openbsd openbsd
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1440

    The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges.... Read more

    Affected Products : gs-400
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1429

    Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter.... Read more

    Affected Products : shoutbox
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1436

    The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.... Read more

    Affected Products : netware netware
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1417

    Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which... Read more

    Affected Products : netware small_business_suite
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0135

    vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.... Read more

    Affected Products : linux
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1410

    Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.... Read more

    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-1426

    HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.... Read more

    Affected Products : procurve_switch_4000m
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1415

    Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests.... Read more

    Affected Products : webeasymail
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0203

    Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.... Read more

    Affected Products : moxftp xftp
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0169

    hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.... Read more

    Affected Products : instant_toptools
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1432

    MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.... Read more

    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0132

    A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.... Read more

    Affected Products : http_server
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0197

    Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).... Read more

    Affected Products : firebird interbase
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1442

    The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then us... Read more

    Affected Products : toolbar
    • Published: Apr. 11, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1515

    Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter.... Read more

    Affected Products : coolforum
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-1512

    xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file.... Read more

    Affected Products : bru
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1500

    Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are... Read more

    Affected Products : netbsd
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1496

    Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.... Read more

    Affected Products : null_httpd
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293929 Results