Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0204

    Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.... Read more

    Affected Products : chess
    • EPSS Score: %3.21
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0207

    Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.... Read more

    Affected Products : realone_player realplayer_intranet
    • EPSS Score: %11.10
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0212

    The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.... Read more

    Affected Products : hosting_controller
    • EPSS Score: %0.74
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0221

    Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.... Read more

    Affected Products : eserv
    • EPSS Score: %0.74
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0157

    Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.... Read more

    Affected Products : nautilus
    • EPSS Score: %0.07
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0224

    The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input.... Read more

    • EPSS Score: %19.46
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0215

    Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.... Read more

    Affected Products : agora.cgi
    • EPSS Score: %8.20
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-0196

    GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.... Read more

    Affected Products : cwpapi
    • EPSS Score: %0.44
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0210

    setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.... Read more

    Affected Products : bru
    • EPSS Score: %0.14
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0206

    index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.22
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0216

    userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.... Read more

    Affected Products : xoops
    • EPSS Score: %0.83
    • Published: May. 16, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1592

    The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.... Read more

    Affected Products : http_server
    • EPSS Score: %4.84
    • Published: May. 06, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1570

    Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.... Read more

    Affected Products : openserver
    • EPSS Score: %0.05
    • Published: May. 01, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1602

    Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.... Read more

    Affected Products : screen
    • EPSS Score: %0.12
    • Published: Apr. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0152

    Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5... Read more

    • EPSS Score: %22.55
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0179

    Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.... Read more

    Affected Products : xpilot
    • EPSS Score: %3.21
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0176

    The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.... Read more

    Affected Products : libsafe
    • EPSS Score: %0.16
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0072

    The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of ser... Read more

    • EPSS Score: %26.61
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0073

    The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.... Read more

    • EPSS Score: %42.81
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0167

    Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.... Read more

    Affected Products : linux imlib
    • EPSS Score: %0.94
    • Published: Apr. 22, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291890 Results