Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1075

    Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.... Read more

    Affected Products : pegasus_mail
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1039

    Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.... Read more

    Affected Products : double_choco_latte
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1019

    The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.... Read more

    Affected Products : adobe_content_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1006

    Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.... Read more

    Affected Products : betsie
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2002-1030

    Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.... Read more

    Affected Products : weblogic_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1088

    Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.... Read more

    Affected Products : groupwise
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1073

    Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.... Read more

    Affected Products : mercur_mailserver
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1017

    Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.... Read more

    Affected Products : digital_editions
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1041

    Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.... Read more

    Affected Products : aix
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1001

    Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.... Read more

    Affected Products : proxy
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1066

    Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and al... Read more

    Affected Products : jana_web_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1011

    Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : tivoli_management_framework
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1052

    Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.... Read more

    Affected Products : jigsaw
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0968

    Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name.... Read more

    Affected Products : simpleserver_www
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1119

    os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.... Read more

    Affected Products : python
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1093

    HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.... Read more

    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-1060

    Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a n... Read more

    Affected Products : cacheos
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1029

    Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.... Read more

    Affected Products : res_manager
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0888

    3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router.... Read more

    Affected Products : 3cp4144
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0965

    Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file... Read more

    Affected Products : database_server oracle9i
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results