Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2001-1009

    Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.... Read more

    Affected Products : fetchmail
    • EPSS Score: %13.12
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0960

    Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.... Read more

    • EPSS Score: %1.16
    • Published: Sep. 15, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1196

    Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.... Read more

    Affected Products : webmin
    • EPSS Score: %3.92
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0248

    Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.... Read more

    Affected Products : hp-ux irix
    • EPSS Score: %5.32
    • Published: Jun. 18, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0022

    simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.... Read more

    Affected Products : simplestguest.cgi
    • EPSS Score: %3.71
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2004-0963

    Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc... Read more

    Affected Products : word windows_2000
    • EPSS Score: %44.14
    • Published: Feb. 09, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1042

    Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.... Read more

    Affected Products : mandrake_linux
    • EPSS Score: %0.50
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0961

    Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.... Read more

    • EPSS Score: %0.84
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0491

    Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.... Read more

    Affected Products : suse_linux gdm openlinux
    • EPSS Score: %6.92
    • Published: May. 24, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0953

    WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.... Read more

    Affected Products : wwwboard
    • EPSS Score: %3.19
    • Published: Sep. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0951

    Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.... Read more

    Affected Products : omnihttpd
    • EPSS Score: %4.58
    • Published: Oct. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0878

    Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.... Read more

    Affected Products : wu-ftpd beroftpd
    • EPSS Score: %1.35
    • Published: Aug. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0874

    Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.... Read more

    • EPSS Score: %85.13
    • Published: Jun. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0662

    A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.... Read more

    Affected Products :
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0527

    The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.... Read more

    Affected Products :
    • EPSS Score: %0.35
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0198

    finger .@host on some systems may print information on some user accounts.... Read more

    Affected Products :
    • EPSS Score: %0.48
    • Published: Jan. 01, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    CRITICAL
    CVE-2024-2973

    An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Onl... Read more

    Affected Products :
    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2023-22518

    All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Usin... Read more

    • Actively Exploited
    • EPSS Score: %94.38
    • Published: Oct. 31, 2023
    • Modified: Feb. 10, 2025

  • 10.0

    HIGH
    CVE-2012-5087

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.... Read more

    Affected Products : jdk jre
    • EPSS Score: %6.22
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2022-30310

    In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper acc... Read more

    • EPSS Score: %1.09
    • Published: Jun. 13, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 291368 Results