Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2002-0234

    NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consume... Read more

    Affected Products : netscreen_screenos
    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0255

    The default configuration of Arescom NetDSL 800 does not require authentication, which allows remote attackers to cause a denial of service or reconfigure the router.... Read more

    Affected Products : netdsl
    • EPSS Score: %0.49
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0256

    The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.... Read more

    Affected Products : netdsl
    • EPSS Score: %4.19
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0189

    Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %15.37
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0247

    Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges.... Read more

    Affected Products : wmtv
    • EPSS Score: %0.05
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0235

    Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in p... Read more

    Affected Products : faxpress
    • EPSS Score: %0.80
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0239

    Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.... Read more

    Affected Products : hanterm
    • EPSS Score: %0.27
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0363

    ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.... Read more

    Affected Products : ghostscript
    • EPSS Score: %0.71
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0174

    nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.... Read more

    Affected Products : irix
    • EPSS Score: %0.15
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0240

    PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.... Read more

    Affected Products : http_server
    • EPSS Score: %1.69
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0236

    Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user.... Read more

    • EPSS Score: %7.28
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0232

    Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi.... Read more

    Affected Products : multi_router_traffic_grapher_cgi
    • EPSS Score: %1.61
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0271

    Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.... Read more

    Affected Products : gnat_pro_native
    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0375

    Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter.... Read more

    Affected Products : sgdynamo
    • EPSS Score: %3.83
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0252

    Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.... Read more

    Affected Products : quicktime
    • EPSS Score: %4.58
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0033

    Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %55.47
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0264

    PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.... Read more

    Affected Products : powerftp
    • EPSS Score: %0.53
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0243

    Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %0.64
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0191

    Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulner... Read more

    Affected Products : internet_explorer
    • EPSS Score: %13.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0246

    Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs suc... Read more

    Affected Products : unixware
    • EPSS Score: %0.24
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291782 Results