Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-2150

    Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firew... Read more

    Affected Products : netscreen_screenos
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2149

    Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.... Read more

    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1918

    Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJ... Read more

    Affected Products : data_access_components
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1801

    ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.... Read more

    Affected Products : imagefolio
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1784

    Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.... Read more

    Affected Products : tru64
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2155

    Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name.... Read more

    Affected Products : trillian
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2112

    RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB ... Read more

    Affected Products : digital_cable_modem
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1807

    Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.... Read more

    Affected Products : phpwebsite
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1843

    Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm.... Read more

    Affected Products : perlbot
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1815

    Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : aquonics_file_manager
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2154

    Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.... Read more

    Affected Products : monkey
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1788

    Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.... Read more

    Affected Products : nn
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1880

    LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php.... Read more

    Affected Products : lokwabb
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1903

    Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.... Read more

    Affected Products : pine
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2187

    Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact.... Read more

    Affected Products : jrun
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1897

    MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow.... Read more

    Affected Products : mywebserver
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2196

    Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.... Read more

    Affected Products : samba
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1901

    Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.... Read more

    Affected Products : bbgallery
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2191

    Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the ... Read more

    Affected Products : domino
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1884

    index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".... Read more

    Affected Products : py-membres
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293589 Results