Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1225

    Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.... Read more

    Affected Products : msql
    • EPSS Score: %0.06
    • Published: Dec. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1223

    The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.... Read more

    Affected Products : lancom_1100_office
    • EPSS Score: %2.32
    • Published: Dec. 26, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1351

    Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.... Read more

    Affected Products : namazu
    • EPSS Score: %0.85
    • Published: Dec. 25, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1226

    AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.... Read more

    Affected Products : adcycle
    • EPSS Score: %0.62
    • Published: Dec. 25, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1224

    get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.... Read more

    Affected Products : adrotate_pro
    • EPSS Score: %1.29
    • Published: Dec. 23, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0884

    Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.... Read more

    Affected Products : mailman
    • EPSS Score: %0.65
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1220

    D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges.... Read more

    Affected Products : dwl-1000ap
    • EPSS Score: %0.81
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0873

    uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.... Read more

    Affected Products : linux taylor_uucp
    • EPSS Score: %0.25
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1174

    ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target... Read more

    Affected Products : zip_100_mb_drive
    • EPSS Score: %0.08
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0871

    Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by... Read more

    Affected Products : alchemy_eye alchemy_network_monitor
    • EPSS Score: %3.86
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1216

    Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.... Read more

    Affected Products : application_server
    • EPSS Score: %4.70
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1217

    Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.... Read more

    Affected Products : application_server
    • EPSS Score: %6.55
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0870

    HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.... Read more

    Affected Products : alchemy_eye alchemy_network_monitor
    • EPSS Score: %1.10
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0888

    Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests.... Read more

    Affected Products : wap11 me102 firmware
    • EPSS Score: %0.74
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1221

    D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information.... Read more

    Affected Products : dwl-1000ap
    • EPSS Score: %0.56
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1440

    Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.... Read more

    Affected Products : aix
    • EPSS Score: %3.10
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0872

    OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.... Read more

    Affected Products : openssh suse_linux linux
    • EPSS Score: %0.21
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0869

    Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.... Read more

    • EPSS Score: %2.38
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0886

    Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.... Read more

    Affected Products : debian_linux linux
    • EPSS Score: %0.23
    • Published: Dec. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0542

    Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported ... Read more

    Affected Products : sql_server sql_server
    • EPSS Score: %10.36
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results