Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-0127

    Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.... Read more

    Affected Products : rp114
    • EPSS Score: %0.58
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0134

    Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.... Read more

    Affected Products : avirt_gateway_suite
    • EPSS Score: %1.33
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0138

    CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0123

    MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.... Read more

    Affected Products : web_server_4d_ecommerce
    • EPSS Score: %0.99
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0130

    Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.... Read more

    Affected Products : efax
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0117

    Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.... Read more

    Affected Products : yabb
    • EPSS Score: %6.89
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0105

    CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.... Read more

    Affected Products : unixware
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0113

    EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for... Read more

    Affected Products : networker
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0110

    Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.... Read more

    Affected Products : miramail
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0102

    Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.... Read more

    • EPSS Score: %0.56
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0107

    Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked... Read more

    Affected Products : cacheos
    • EPSS Score: %6.47
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0139

    Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.... Read more

    Affected Products : spoonftp
    • EPSS Score: %0.87
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0111

    Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.... Read more

    Affected Products : dinos_webserver
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0121

    PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.... Read more

    Affected Products : php
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0140

    Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possib... Read more

    Affected Products : dnrd
    • EPSS Score: %4.80
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0143

    Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.... Read more

    Affected Products : imlib eterm
    • EPSS Score: %0.18
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0112

    Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.... Read more

    Affected Products : eserv
    • EPSS Score: %7.50
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0137

    CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0104

    AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump.... Read more

    Affected Products : aftpd
    • EPSS Score: %0.92
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0094

    config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.... Read more

    Affected Products : bscw
    • EPSS Score: %1.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292518 Results