Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2019-3925

    Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as r...

    • Published: Apr. 30, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2000-0894

    HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities.

    Affected Products : soho_firewall
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0985

    Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command.

    Affected Products : all-mail
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2019-3929

    The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP...

    • Actively Exploited
    • Published: Apr. 30, 2019
    • Modified: Feb. 07, 2025
  • 10.0

    HIGH
    CVE-2000-0964

    Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.

    Affected Products : hinet_lp
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    CRITICAL
    CVE-2019-3905

    Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

    Affected Products : manageengine_adselfservice_plus
    • Published: Jan. 03, 2019
    • Modified: May. 30, 2025
  • 10.0

    HIGH
    CVE-1999-0950

    Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.

    Affected Products : wftpd
    • Published: Oct. 28, 1999
    • Modified: Apr. 03, 2025
  • 10.0

    CRITICAL
    CVE-2019-3809

    A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of b...

    Affected Products : moodle
    • Published: Mar. 25, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2000-0818

    The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.

    Affected Products : listener
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0803

    GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.

    Affected Products : groff
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0747

    The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.

    Affected Products : linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0690

    Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.

    Affected Products : auction_weaver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0586

    Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.

    Affected Products : ircd
    • Published: Jun. 29, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0587

    The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.

    Affected Products : glftpd
    • Published: Jun. 26, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0638

    bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.

    Affected Products : big_brother
    • Published: Jul. 11, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2019-3707

    Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted input data to the...

    Affected Products : idrac9_firmware
    • Published: Apr. 26, 2019
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2000-0527

    userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

    Affected Products : mailstudio_2000
    • Published: Jun. 09, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0506

    The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."

    Affected Products : linux_kernel
    • Published: Jun. 09, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0585

    ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.

    Affected Products : dhcp_client
    • Published: Jun. 24, 2000
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2000-0573

    The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

    Affected Products : hp-ux
    • Published: Jul. 07, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 292803 Results