Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2002-1490

    NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still... Read more

    Affected Products : netbsd
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-1512

    xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file.... Read more

    Affected Products : bru
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0082

    The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (ak... Read more

    Affected Products : kerberos_5 kerberos
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1495

    Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary script or HTML via (1) attached file names in the Read Mail feature, (2) text/html mails that are displayed in a pop-up window, and (3) certain malicio... Read more

    Affected Products : jawmail
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1513

    The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges... Read more

    Affected Products : tcp-ip_services
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1515

    Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter.... Read more

    Affected Products : coolforum
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0083

    Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to ... Read more

    Affected Products : http_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1519

    Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password... Read more

    Affected Products : firebox rapidstream
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2003-0141

    The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed d... Read more

    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1493

    Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.... Read more

    Affected Products : htmlgear_guestgear
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1504

    Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL.... Read more

    Affected Products : webserver_4_everyone
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1525

    Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.... Read more

    Affected Products : searchdisc sunone_starter_kit
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0166

    Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfr... Read more

    Affected Products : php
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0030

    The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0178

    Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the Preset... Read more

    Affected Products : lotus_domino_web_server
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2003-0160

    Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.... Read more

    Affected Products : squirrelmail linux
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0155

    bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.... Read more

    Affected Products : bonsai
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2003-0165

    Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.... Read more

    Affected Products : eog linux
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0172

    Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument.... Read more

    Affected Products : php
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0167

    Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mai... Read more

    Affected Products : mutt
    • Published: Apr. 02, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 294068 Results