Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2001-0173

    Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.... Read more

    Affected Products : crazywwwboard qdecoder
    • EPSS Score: %4.85
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0207

    Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function.... Read more

    Affected Products : bing
    • EPSS Score: %2.10
    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0209

    Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description.... Read more

    Affected Products : dnas
    • EPSS Score: %1.80
    • Published: Mar. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0296

    Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.... Read more

    Affected Products : wftpd_pro
    • EPSS Score: %6.96
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0464

    Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter.... Read more

    Affected Products : cyberscheduler
    • EPSS Score: %6.60
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0679

    A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %11.10
    • Published: Nov. 08, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0825

    Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check.... Read more

    Affected Products : linux xinetd
    • EPSS Score: %3.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1223

    The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.... Read more

    Affected Products : lancom_1100_office
    • EPSS Score: %2.32
    • Published: Dec. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-0311

    Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %3.13
    • Published: May. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-5323

    Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.66
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2002-1641

    Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    • EPSS Score: %13.22
    • Published: May. 27, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0182

    Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.... Read more

    Affected Products : samba
    • EPSS Score: %3.02
    • Published: Sep. 30, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0248

    A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.... Read more

    Affected Products : ssh
    • EPSS Score: %0.41
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0385

    The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.... Read more

    Affected Products : exchange_server
    • EPSS Score: %9.00
    • Published: Dec. 01, 1998
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0560

    A system-critical Windows NT file or directory has inappropriate permissions.... Read more

    Affected Products : windows_nt
    • EPSS Score: %2.57
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0568

    rpc.admind in Solaris is not running in a secure mode.... Read more

    Affected Products : solaris
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-6355

    SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.... Read more

    Affected Products : duclassmate
    • EPSS Score: %0.31
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0603

    In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.... Read more

    Affected Products :
    • EPSS Score: %0.47
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-6454

    execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this in... Read more

    Affected Products : web_interface
    • EPSS Score: %3.16
    • Published: Dec. 10, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0598

    A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.... Read more

    Affected Products :
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291003 Results