Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2001-1477

    The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.... Read more

    Affected Products : tuxedo
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1518

    RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the v... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.61
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1480

    Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.... Read more

    Affected Products : jre sdk jdk mac_os_runtime_for_java
    • EPSS Score: %0.54
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2001-1524

    Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and st... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.11
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1573

    Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %1.95
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1544

    Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.... Read more

    Affected Products : jrun
    • EPSS Score: %0.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1209

    Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.... Read more

    Affected Products : zml.cgi
    • EPSS Score: %4.67
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1500

    ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.... Read more

    Affected Products : proftpd
    • EPSS Score: %1.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1501

    The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls co... Read more

    Affected Products : proftpd
    • EPSS Score: %8.15
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1502

    webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.... Read more

    Affected Products : webcart
    • EPSS Score: %8.72
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1543

    Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.... Read more

    • EPSS Score: %0.90
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1561

    Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.... Read more

    Affected Products : debian_linux xvt
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1562

    Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.... Read more

    Affected Products : nvi
    • EPSS Score: %0.05
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1580

    Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.... Read more

    Affected Products : netware scriptease_webserver
    • EPSS Score: %22.58
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1583

    lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CV... Read more

    Affected Products : sunos
    • EPSS Score: %59.82
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2001-1523

    Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter.... Read more

    Affected Products : dmozgateway
    • EPSS Score: %0.35
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1547

    Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.... Read more

    Affected Products : outlook_express
    • EPSS Score: %21.82
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1536

    Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.... Read more

    Affected Products : audiogalaxy
    • EPSS Score: %0.76
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1514

    ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess fu... Read more

    Affected Products : coldfusion
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1466

    Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.... Read more

    Affected Products : securecrt
    • EPSS Score: %4.79
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291219 Results