Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0638

    bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.... Read more

    Affected Products : big_brother
    • Published: Jul. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-3707

    Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted input data to the... Read more

    Affected Products : idrac9_firmware
    • Published: Apr. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-0527

    userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : mailstudio_2000
    • Published: Jun. 09, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0506

    The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."... Read more

    Affected Products : linux_kernel
    • Published: Jun. 09, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0585

    ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : dhcp_client
    • Published: Jun. 24, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0573

    The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.... Read more

    Affected Products : hp-ux
    • Published: Jul. 07, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0551

    The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.... Read more

    Affected Products : netop
    • Published: May. 23, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2019-3705

    Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may ... Read more

    • Published: Apr. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2000-0509

    Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname.... Read more

    Affected Products : sambar_server
    • Published: Jun. 01, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0405

    Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.... Read more

    Affected Products : antisniff
    • Published: May. 16, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0376

    Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request.... Read more

    Affected Products : filo
    • Published: Jun. 07, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0374

    The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.... Read more

    Affected Products : solaris openlinux
    • Published: Aug. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0300

    The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.... Read more

    Affected Products : pcanywhere
    • Published: Apr. 06, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2007-1457

    Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument.... Read more

    Affected Products : unrarlib urarfilelib
    • Published: Mar. 14, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2000-0343

    Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header.... Read more

    Affected Products : sniffit
    • Published: May. 02, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0322

    The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : linux
    • Published: Apr. 24, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0308

    Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.... Read more

    • Published: Mar. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0177

    DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : dnstools
    • Published: Mar. 02, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0253

    The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.... Read more

    Affected Products : dansie_shopping_cart
    • Published: Apr. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0175

    Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.... Read more

    Affected Products : staroffice
    • Published: Mar. 09, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293338 Results