Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1118

    TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.... Read more

    Affected Products : database_server oracle8i oracle9i
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1191

    The Sabserv client component in Sabre Desktop Reservation Software 4.2 through 4.4 allows remote attackers to cause a denial of service via malformed input to TCP port 1001.... Read more

    Affected Products : desktop_reservation_software
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1194

    Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.... Read more

    Affected Products : netbsd
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1198

    Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.... Read more

    Affected Products : bugzilla
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1145

    The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updati... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1179

    Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or preview... Read more

    Affected Products : outlook_express
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1201

    IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.... Read more

    Affected Products : aix
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0990

    The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple c... Read more

    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1224

    Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.... Read more

    Affected Products : linux kde
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1228

    Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.... Read more

    Affected Products : solaris sunos
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1202

    Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files.... Read more

    Affected Products : tru64
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1203

    IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any fl... Read more

    Affected Products : secureway_firewall
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1213

    Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to read arbitrary files via an HTTP request with ".." (dot-dot) sequences containing URL-encoded forward sl... Read more

    Affected Products : webserver_4_all
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1197

    bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.... Read more

    Affected Products : bugzilla
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1195

    Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.... Read more

    Affected Products : ht_check
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1223

    Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.... Read more

    Affected Products : linux kde
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1225

    Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.... Read more

    Affected Products : heimdal
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1216

    GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.... Read more

    Affected Products : tar
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1193

    tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink attack on temporary files.... Read more

    Affected Products : tkmail
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1196

    editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to user... Read more

    Affected Products : bugzilla
    • Published: Oct. 28, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292820 Results