Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2003-0749

    Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.... Read more

    Affected Products : internet_transaction_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0752

    SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.... Read more

    Affected Products : attilaphp
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0746

    Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerab... Read more

    Affected Products : openview
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0753

    nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.... Read more

    Affected Products : newsphp
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0747

    wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~lang... Read more

    Affected Products : internet_transaction_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0724

    ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.... Read more

    Affected Products : tru64
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0727

    Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.... Read more

    Affected Products : database_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0740

    Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.... Read more

    Affected Products : stunnel
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2003-0738

    The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter.... Read more

    Affected Products : phpwebsite
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0750

    secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.... Read more

    Affected Products : py-membres
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0725

    Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : realserver helix_universal_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0744

    The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input.... Read more

    Affected Products : leafnode
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0757

    Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.... Read more

    Affected Products : firewall-1
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2003-0728

    Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.... Read more

    Affected Products : horde
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0748

    Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filenam... Read more

    Affected Products : internet_transaction_server
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0689

    The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.... Read more

    Affected Products : enterprise_linux
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0707

    Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : linuxnode
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0729

    Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename.... Read more

    Affected Products : tftpdnt
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0735

    SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter.... Read more

    Affected Products : phpwebsite
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0702

    Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server ... Read more

    Affected Products : realsecure_server_sensor
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 294717 Results