Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0425

    mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in... Read more

    Affected Products : mirc
    • EPSS Score: %0.74
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0512

    startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.... Read more

    • EPSS Score: %0.16
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2002-0422

    IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 20... Read more

    Affected Products : internet_information_services
    • EPSS Score: %48.52
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0792

    The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.... Read more

    Affected Products : content_services_switch_11000 webns
    • EPSS Score: %1.00
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0751

    CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters.... Read more

    Affected Products : csmailto
    • EPSS Score: %1.24
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0826

    Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.... Read more

    Affected Products : ws_ftp_server
    • EPSS Score: %5.92
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0830

    Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS ... Read more

    Affected Products : freebsd
    • EPSS Score: %1.27
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0492

    dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.... Read more

    Affected Products : dcshop
    • EPSS Score: %3.22
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0791

    Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.... Read more

    Affected Products : netware
    • EPSS Score: %1.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1209

    The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Ins... Read more

    • EPSS Score: %89.72
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-0638

    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race conditio... Read more

    • EPSS Score: %0.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0480

    ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have conn... Read more

    Affected Products : realsecure_nokia
    • EPSS Score: %0.99
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0426

    VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.... Read more

    Affected Products : befvp41
    • EPSS Score: %0.72
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2002-0788

    An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users o... Read more

    • EPSS Score: %0.15
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0746

    Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.... Read more

    Affected Products : aix
    • EPSS Score: %0.56
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2002-0475

    Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message.... Read more

    Affected Products : phpbb
    • EPSS Score: %0.85
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0500

    Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %20.39
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0520

    Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.... Read more

    Affected Products : asp-nuke
    • EPSS Score: %1.08
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0764

    Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.... Read more

    Affected Products : phorum
    • EPSS Score: %20.92
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2002-0616

    The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."... Read more

    Affected Products : office excel
    • EPSS Score: %10.82
    • Published: Aug. 12, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292518 Results