Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0852

    Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a l... Read more

    Affected Products : vpn_client
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2002-0725

    NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0858

    catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges.... Read more

    Affected Products : oracle8i oracle9i
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0093

    Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.... Read more

    Affected Products : tru64
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0854

    Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges.... Read more

    Affected Products : suse_linux
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0857

    Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora... Read more

    Affected Products : database_server oracle8i
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0873

    Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.... Read more

    Affected Products : l2tpd
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0871

    xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.... Read more

    Affected Products : linux xinetd
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0875

    Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.... Read more

    Affected Products : enterprise_linux debian_linux irix fam
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0853

    Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.... Read more

    Affected Products : vpn_client
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0720

    A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.... Read more

    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0856

    SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.... Read more

    Affected Products : database_server oracle9i
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0872

    l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.... Read more

    Affected Products : l2tpd
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0851

    Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a cal... Read more

    Affected Products : isdn4linux
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0870

    The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instea... Read more

    Affected Products : content_services_switch_11000 webns
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0859

    Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : sql_server jet
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0679

    Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.... Read more

    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0632

    Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.... Read more

    Affected Products : irix
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0721

    Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator pri... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0654

    Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs... Read more

    Affected Products : http_server
    • Published: Sep. 05, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292803 Results