Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2002-0248

    wmtv 0.6.5 and earlier allows local users to modify arbitrary files via a symlink attack on a configuration file.... Read more

    Affected Products : wmtv
    • EPSS Score: %0.15
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0259

    InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.... Read more

    Affected Products : miniportal
    • EPSS Score: %0.07
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0269

    Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web application... Read more

    Affected Products : internet_explorer
    • EPSS Score: %4.30
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0262

    Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.... Read more

    Affected Products : e-trainer
    • EPSS Score: %1.42
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0249

    PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.... Read more

    Affected Products : http_server
    • EPSS Score: %2.83
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0266

    Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname.... Read more

    Affected Products : texis
    • EPSS Score: %5.25
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-0270

    Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the u... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %0.28
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0254

    ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails.... Read more

    Affected Products : icq
    • EPSS Score: %0.98
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0253

    PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, caus... Read more

    Affected Products : php
    • EPSS Score: %0.78
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0247

    Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges.... Read more

    Affected Products : wmtv
    • EPSS Score: %0.05
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0362

    Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %4.76
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0356

    Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.... Read more

    Affected Products : irix
    • EPSS Score: %0.15
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0268

    Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.... Read more

    Affected Products : biologon
    • EPSS Score: %0.07
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0169

    The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element... Read more

    • EPSS Score: %0.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0242

    Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %3.47
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0155

    Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.... Read more

    • EPSS Score: %19.14
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0355

    netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.... Read more

    Affected Products : irix
    • EPSS Score: %0.16
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0191

    Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulner... Read more

    Affected Products : internet_explorer
    • EPSS Score: %13.08
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0243

    Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %0.64
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0256

    The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.... Read more

    Affected Products : netdsl
    • EPSS Score: %4.19
    • Published: May. 29, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 292731 Results