Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0493

    Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.... Read more

    Affected Products : time_sync
    • Published: Jun. 01, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0557

    Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request.... Read more

    Affected Products : cmail
    • Published: Jun. 05, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0390

    Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.... Read more

    • Published: May. 16, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0389

    Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.... Read more

    • Published: May. 16, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0384

    NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access.... Read more

    Affected Products : netstructure_7110 netstructure_7180
    • Published: May. 08, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0449

    Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.... Read more

    Affected Products : studio
    • Published: May. 01, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-10192

    IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The `com.ipvanish.osx.vpnhelper` LaunchDaemon implements an insecure XPC service that could allow an attacker to execute arbitrary code as the root user. IPVanish uses a thi... Read more

    Affected Products : ipvanish
    • Published: Apr. 17, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-1236

    Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.... Read more

    Affected Products : tanne
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0353

    Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.... Read more

    Affected Products : pine
    • Published: Jun. 28, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-1043

    SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.... Read more

    Affected Products : bugzilla
    • Published: Aug. 18, 2004
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-10169

    ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly expos... Read more

    Affected Products : protonvpn
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-10171

    Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivil... Read more

    Affected Products : mackeeper
    • Published: Jun. 05, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-0786

    The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.... Read more

    Affected Products : openssh
    • Published: Nov. 17, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-10143

    The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.... Read more

    Affected Products : expedition
    • Published: Dec. 12, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2003-0478

    Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attacke... Read more

    Affected Products : adromedeircd methane digatech ircd-ru ircd
    • Published: Aug. 07, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0191

    Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.... Read more

    Affected Products : storpoint_cd
    • Published: Feb. 29, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0224

    Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overr... Read more

    Affected Products : internet_information_services iis
    • Published: Jun. 09, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0081

    Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.... Read more

    Affected Products : hotmail
    • Published: Jan. 10, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0065

    Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request.... Read more

    Affected Products : inetserv
    • Published: Jan. 17, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0026

    Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.... Read more

    Affected Products : unixware wmmon
    • Published: Dec. 21, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 293259 Results