Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2002-1345

    Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.... Read more

    Affected Products : solaris sunos openbsd ncftp
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1350

    The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).... Read more

    Affected Products : tcpdump
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1296

    Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1380

    Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.... Read more

    Affected Products : linux_kernel linux
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1257

    Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-1358

    Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.... Read more

    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1362

    mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character.... Read more

    Affected Products : linux micq
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1365

    Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local address... Read more

    Affected Products : linux fetchmail
    • Published: Dec. 23, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1643

    Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simu... Read more

    Affected Products : helix_universal_server
    • Published: Dec. 19, 2002
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2002-1159

    Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak.... Read more

    Affected Products : linux canna
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1338

    The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files.... Read more

    Affected Products : office_web_components
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2002-1341

    Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.... Read more

    Affected Products : squirrelmail linux
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1339

    The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.... Read more

    Affected Products : office_web_components
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1344

    Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.... Read more

    Affected Products : wget cobalt_raq_xtr
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-1158

    Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.... Read more

    Affected Products : canna
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1255

    Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 20... Read more

    Affected Products : outlook
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1342

    Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : smb2www
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2002-1347

    Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during ... Read more

    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1340

    The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.... Read more

    Affected Products : office_web_components
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1354

    Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command.... Read more

    Affected Products : typsoft_ftp_server
    • Published: Dec. 18, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 293961 Results