Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2002-1114

    config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.... Read more

    Affected Products : mantis
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0997

    Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.... Read more

    Affected Products : netmail netmail_xe
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-1105

    Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.... Read more

    Affected Products : vpn_client
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1064

    Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.... Read more

    Affected Products : jana_web_server
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2002-0920

    CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been p... Read more

    Affected Products : cspassword
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1076

    Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.... Read more

    Affected Products : imail
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1084

    The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.... Read more

    Affected Products : ezcontents
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-0932

    SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) update... Read more

    Affected Products : myhelpdesk
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0696

    Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames.... Read more

    Affected Products : visual_foxpro
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0908

    Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request.... Read more

    Affected Products : ids_device_manager
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0948

    Scripts For Educators MakeBook 2.2 CGI program allows remote attackers to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered.... Read more

    Affected Products : makebook
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1070

    Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter.... Read more

    Affected Products : php-wiki
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1000

    Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001.... Read more

    Affected Products : simpleserver_shout
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0998

    Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function.... Read more

    Affected Products : care_2002
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0887

    scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.... Read more

    Affected Products : openserver
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0898

    Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.... Read more

    Affected Products : opera_web_browser
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0949

    Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.... Read more

    Affected Products : adsl_router
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0895

    Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command.... Read more

    Affected Products : matu_ftp
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0699

    Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's syst... Read more

    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0968

    Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name.... Read more

    Affected Products : simpleserver_www
    • Published: Oct. 04, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results