Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1368

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Con... Read more

    Affected Products : mac_os_x linux cups
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1363

    Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.... Read more

    Affected Products : libpng
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1176

    Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.... Read more

    Affected Products : winamp
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-1366

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.... Read more

    Affected Products : mac_os_x linux cups
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1369

    jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.... Read more

    Affected Products : mac_os_x linux cups
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1383

    Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as ... Read more

    Affected Products : mac_os_x linux cups
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1177

    Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.... Read more

    Affected Products : winamp
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1371

    filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.... Read more

    Affected Products : mac_os_x linux cups
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1372

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to... Read more

    Affected Products : cups debian_linux mac_os_x linux
    • Published: Dec. 26, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1351

    Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly execute arbitrary code via the msgText buffer in the chat_InterpretData function, as demonstrated via a long Nick (nickname) ... Read more

    Affected Products : melange_chat_system
    • Published: Dec. 24, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1381

    Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.... Read more

    Affected Products : exim
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1358

    Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1360

    Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to ... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1374

    The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first c... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1296

    Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1380

    Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.... Read more

    Affected Products : linux_kernel linux
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1373

    Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.... Read more

    Affected Products : mysql
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1361

    overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.... Read more

    Affected Products : cobalt_raq_4
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1260

    The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1376

    libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibl... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293289 Results