Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0101

    Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %10.62
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0133

    Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.... Read more

    • EPSS Score: %3.78
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0134

    Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.... Read more

    Affected Products : avirt_gateway_suite
    • EPSS Score: %1.33
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0103

    An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.... Read more

    • EPSS Score: %0.09
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0106

    BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %6.04
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0094

    config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.... Read more

    Affected Products : bscw
    • EPSS Score: %1.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0131

    ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page cont... Read more

    Affected Products : activepython
    • EPSS Score: %0.49
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0129

    efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.... Read more

    Affected Products : efax
    • EPSS Score: %0.21
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0099

    Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters.... Read more

    Affected Products : savant_webserver
    • EPSS Score: %0.73
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0110

    Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.... Read more

    Affected Products : miramail
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0138

    CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0142

    CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters.... Read more

    Affected Products : pi3web
    • EPSS Score: %5.68
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0105

    CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.... Read more

    Affected Products : unixware
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0143

    Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.... Read more

    Affected Products : imlib eterm
    • EPSS Score: %0.18
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0124

    MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.... Read more

    Affected Products : web_server_4d_ecommerce
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0112

    Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.... Read more

    Affected Products : eserv
    • EPSS Score: %7.50
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0137

    CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2002-0141

    Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file.... Read more

    Affected Products : maelstrom_gpl
    • EPSS Score: %0.19
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0145

    chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.... Read more

    Affected Products : chuid
    • EPSS Score: %0.72
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0111

    Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.... Read more

    Affected Products : dinos_webserver
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291641 Results