Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-0692

    Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file r... Read more

    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0707

    The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow.... Read more

    Affected Products : superscout_web_filter web_filter
    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0708

    Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequences.... Read more

    Affected Products : superscout_web_filter web_filter
    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0706

    UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function.... Read more

    Affected Products : superscout_web_filter web_filter
    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0694

    The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files fol... Read more

    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0705

    The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords.... Read more

    Affected Products : superscout_web_filter web_filter
    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0709

    SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.... Read more

    Affected Products : superscout_web_filter web_filter
    • Published: Oct. 10, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0876

    Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.... Read more

    Affected Products : shambala_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0906

    Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.... Read more

    Affected Products : sendmail
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0899

    Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot).... Read more

    Affected Products : falcon_web_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0889

    Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.... Read more

    Affected Products : qpopper
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0888

    3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router.... Read more

    Affected Products : 3cp4144
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0384

    Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : gaim
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0879

    showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to read arbitrary files via (1) a .. or (2) a C: style pathname in the FILE parameter.... Read more

    Affected Products : cfximage
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0877

    Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands.... Read more

    Affected Products : shambala_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0909

    Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long envi... Read more

    Affected Products : mnews
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0916

    Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not prope... Read more

    Affected Products : msntauth
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0954

    The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques.... Read more

    Affected Products : pix_firewall
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0995

    login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.... Read more

    Affected Products : phpauction
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0915

    autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.... Read more

    Affected Products : autorun xandros_desktop_os
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293589 Results