Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2003-0936

    Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.... Read more

    Affected Products : pcanywhere
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0943

    web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0972

    Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.... Read more

    Affected Products : screen
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0628

    PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.... Read more

    Affected Products : peopletools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-0629

    Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript.... Read more

    Affected Products : peopletools
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0937

    SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which lea... Read more

    Affected Products : unixware open_unix
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0940

    Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.... Read more

    Affected Products : sap_db
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0976

    NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.... Read more

    Affected Products : netware
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0955

    OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2... Read more

    Affected Products : openbsd
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0951

    Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.... Read more

    Affected Products : hp-ux
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0975

    Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.... Read more

    Affected Products : mac_os_x mac_os_x_server safari
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0932

    Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.... Read more

    Affected Products : omega-rpg
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0820

    Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.... Read more

    Affected Products : word works
    • Published: Dec. 15, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1056

    The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 11, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-1057

    Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 08, 2003
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2003-1058

    The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on tempor... Read more

    Affected Products : solaris sunos
    • Published: Dec. 03, 2003
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2003-0834

    Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.... Read more

    Affected Products : unixware open_unix
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0622

    The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX.... Read more

    Affected Products : weblogic_server tuxedo
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0933

    Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.... Read more

    Affected Products : conquest
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0934

    Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network.... Read more

    Affected Products : pdt
    • Published: Dec. 01, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 294837 Results