Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2002-1335

    Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies.... Read more

    Affected Products : w3m
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1319

    The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.... Read more

    Affected Products : linux_kernel linux secure_linux
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1183

    Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).... Read more

    Affected Products : windows_98 windows_nt windows_98se
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1254

    Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via C... Read more

    Affected Products : internet_explorer ie
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1188

    Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, a... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1187

    Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as ... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1336

    TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.... Read more

    Affected Products : tightvnc linux
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1185

    Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during de... Read more

    Affected Products : internet_explorer ie
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1320

    Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").... Read more

    Affected Products : pine
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1321

    Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u ... Read more

    Affected Products : realplayer realone_player
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1318

    Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a lit... Read more

    Affected Products : samba irix cifs-9000_server
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1322

    Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain packets to port 371, e.g. via nmap.... Read more

    Affected Products : clearcase
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1267

    Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible."... Read more

    Affected Products : mac_os_x
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1269

    Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem.... Read more

    Affected Products : mac_os_x
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1272

    Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.... Read more

    Affected Products : aos
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1186

    Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has... Read more

    Affected Products : internet_explorer ie
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1317

    Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.... Read more

    Affected Products : solaris hp-ux sunos irix x11r6
    • Published: Dec. 11, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1587

    The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1586

    Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 03, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1588

    Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment.... Read more

    Affected Products : solaris openwindows
    • Published: Nov. 29, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293594 Results