Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2002-0350

    HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.... Read more

    Affected Products : procurve_switch_4000m
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0360

    Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.... Read more

    Affected Products : solaris_answerbook2
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0348

    service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.... Read more

    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0335

    Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request.... Read more

    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0354

    The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result us... Read more

    Affected Products : mozilla navigator
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0333

    Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.... Read more

    Affected Products : xtell
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0346

    Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi.... Read more

    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0334

    xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file.... Read more

    Affected Products : xtell
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0353

    The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.... Read more

    Affected Products : ethereal
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1300

    Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command.... Read more

    Affected Products : dynu_ftp_server
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0351

    Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : cfs
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0323

    comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.... Read more

    Affected Products : scriptease_webserver
    • Published: Jun. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0614

    PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.... Read more

    Affected Products : php-survey
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0609

    Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.... Read more

    Affected Products : mpe_ix
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0608

    Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.... Read more

    Affected Products : matu_ftp
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0576

    ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message.... Read more

    Affected Products : coldfusion_server
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0589

    PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.... Read more

    Affected Products : pvote
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0594

    Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.... Read more

    Affected Products : mozilla navigator galeon_browser
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0591

    Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.... Read more

    Affected Products : instant_messenger
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0586

    Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters.... Read more

    Affected Products : aol_server
    • Published: Jun. 18, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 294848 Results