Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0111

    Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.... Read more

    Affected Products : dinos_webserver
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0145

    chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.... Read more

    Affected Products : chuid
    • EPSS Score: %0.72
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0122

    Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.... Read more

    Affected Products : 3568i_wap
    • EPSS Score: %1.32
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0140

    Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possib... Read more

    Affected Products : dnrd
    • EPSS Score: %4.80
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0136

    Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %8.90
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0121

    PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.... Read more

    Affected Products : php
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0139

    Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.... Read more

    Affected Products : spoonftp
    • EPSS Score: %0.87
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0127

    Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.... Read more

    Affected Products : rp114
    • EPSS Score: %0.58
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0141

    Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file.... Read more

    Affected Products : maelstrom_gpl
    • EPSS Score: %0.19
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0104

    AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump.... Read more

    Affected Products : aftpd
    • EPSS Score: %0.92
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0096

    The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privil... Read more

    Affected Products : geeklog
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1210

    Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.... Read more

    Affected Products : tomcat
    • EPSS Score: %3.92
    • Published: Mar. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0061

    Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell... Read more

    Affected Products : http_server
    • EPSS Score: %83.65
    • Published: Mar. 21, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0076

    Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.... Read more

    Affected Products : jre sdk jdk virtual_machine java_jre-jdk
    • EPSS Score: %1.08
    • Published: Mar. 19, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0092

    CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.... Read more

    Affected Products : cvs
    • EPSS Score: %1.27
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0058

    Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 thr... Read more

    Affected Products : jre sdk jdk virtual_machine
    • EPSS Score: %2.81
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2002-0070

    Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.... Read more

    • EPSS Score: %26.11
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0091

    Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields.... Read more

    Affected Products : cider_shadow
    • EPSS Score: %1.01
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0082

    The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code ... Read more

    Affected Products : apache-ssl mod_ssl
    • EPSS Score: %2.51
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0089

    Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.08
    • Published: Mar. 15, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291625 Results