Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0718

    Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."... Read more

    Affected Products : content_management_server
    • EPSS Score: %8.84
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0644

    Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %9.07
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0618

    The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script E... Read more

    Affected Products : office excel
    • EPSS Score: %17.28
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0504

    Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.as... Read more

    Affected Products : nfuse
    • EPSS Score: %6.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0765

    sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.... Read more

    Affected Products : openssh openbsd
    • EPSS Score: %0.60
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0661

    Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.... Read more

    Affected Products : http_server
    • EPSS Score: %86.27
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0748

    LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations.... Read more

    Affected Products : labview
    • EPSS Score: %10.52
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-0769

    The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen,... Read more

    Affected Products : ata-186
    • EPSS Score: %5.45
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0478

    The default configuration of Foundry Networks EdgeIron 4802F allows remote attackers to modify sensitive information via arbitrary SNMP community strings.... Read more

    Affected Products : edgeiron
    • EPSS Score: %0.62
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0391

    Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array throu... Read more

    • EPSS Score: %4.57
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1616

    Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.... Read more

    Affected Products : tru64
    • EPSS Score: %0.30
    • Published: Aug. 01, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1446

    The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge... Read more

    Affected Products : pkcs_11_library
    • EPSS Score: %0.63
    • Published: Aug. 01, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1449

    eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.... Read more

    Affected Products : eupload
    • EPSS Score: %1.02
    • Published: Jul. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1450

    IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.... Read more

    Affected Products : u2_universe
    • EPSS Score: %0.50
    • Published: Jul. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0409

    orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.... Read more

    Affected Products : .net_framework
    • EPSS Score: %34.23
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0407

    htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2... Read more

    Affected Products : domino
    • EPSS Score: %1.30
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0395

    The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.... Read more

    Affected Products : 1050ap_lan_acess_point
    • EPSS Score: %1.21
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0446

    categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message.... Read more

    Affected Products : black_tie_project
    • EPSS Score: %0.81
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0369

    Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.... Read more

    Affected Products : .net_framework
    • EPSS Score: %19.26
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0448

    Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences.... Read more

    Affected Products : xerver
    • EPSS Score: %7.63
    • Published: Jul. 26, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292316 Results