Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2002-0991

    Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.... Read more

    Affected Products : hp-ux cifs-9000_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1046

    Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110.... Read more

    Affected Products : firebox soho_firewall
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1025

    JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.... Read more

    Affected Products : jrun
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0925

    Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to... Read more

    Affected Products : mmftpd mmmail
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0837

    wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script.... Read more

    Affected Products : linux wordtrans-web
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1129

    Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.... Read more

    Affected Products : tru64 osf_1
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0940

    domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module pr... Read more

    Affected Products : mscapi_csp
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1028

    Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments.... Read more

    Affected Products : song_requester
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0900

    Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.... Read more

    Affected Products : pgp_public_key_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1100

    Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.... Read more

    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0696

    Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames.... Read more

    Affected Products : visual_foxpro
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0908

    Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request.... Read more

    Affected Products : ids_device_manager
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0997

    Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.... Read more

    Affected Products : netmail netmail_xe
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1083

    Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file list... Read more

    Affected Products : ezcontents
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1044

    Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.... Read more

    Affected Products : popcorn
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1045

    Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037.... Read more

    Affected Products : popcorn
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1133

    Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.... Read more

    Affected Products : dinos_webserver
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1063

    Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.... Read more

    Affected Products : jana_web_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0915

    autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.... Read more

    Affected Products : autorun xandros_desktop_os
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0896

    The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could all... Read more

    Affected Products : swatch
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293508 Results