Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1306

    Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan:... Read more

    Affected Products : linux kde
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1281

    Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.... Read more

    Affected Products : linux kde
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1310

    Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name.... Read more

    Affected Products : jrun
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1210

    Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes t... Read more

    Affected Products : eudora
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1295

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private c... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1283

    Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute.... Read more

    Affected Products : emframe
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1308

    Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.... Read more

    Affected Products : linux mozilla navigator
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1279

    Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file (-C option).... Read more

    Affected Products : masqmail
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1316

    importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separa... Read more

    Affected Products : iplanet_web_server
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1293

    The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method.... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1290

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class.... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1284

    The wizard in KGPG 0.6 through 0.8.2 does not properly provide the passphrase to gpg when creating new keys, which causes secret keys to be created with an empty passphrase and allows local attackers to steal the keys if they can be read.... Read more

    Affected Products : kgpg
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1309

    Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.... Read more

    Affected Products : coldfusion
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1289

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instanc... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1294

    The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other una... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1285

    runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.... Read more

    Affected Products : suse_linux
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1291

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1287

    Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1204

    Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing... Read more

    Affected Products : communicator
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1288

    The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.... Read more

    Affected Products : java_virtual_machine
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293260 Results