Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 7.5

    HIGH
    CVE-2001-1199

    Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.

    Affected Products: agora.cgi
    • EPSS Score: 4.67%
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1195

    Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.

    Affected Products: groupwise
    • EPSS Score: 4.70%
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1214

    manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.

    Affected Products: unix_manual
    • EPSS Score: 3.64%
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2001-1198

    RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

    Affected Products: hp-ux
    • EPSS Score: 0.05%
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-0727

    Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the...

    Affected Products: internet_explorer
    • EPSS Score: 50.66%
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2001-1197

    klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.

    Affected Products: kdeutils
    • EPSS Score: 0.07%
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1194

    Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.

    Affected Products: prestige_1600 prestige_681
    • EPSS Score: 3.73%
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-0874

    Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability.

    Affected Products: internet_explorer
    • EPSS Score: 31.69%
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1192

    Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client.

    Affected Products: ica_client
    • EPSS Score: 1.07%
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2001-1189

    IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.

    Affected Products: websphere_application_server
    • EPSS Score: 0.07%
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1193

    Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.

    Affected Products: eftp
    • EPSS Score: 1.07%
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2001-1190

    The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.

    Affected Products: mandrake_linux
    • EPSS Score: 0.07%
    • Published: Dec. 12, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2001-0797

    Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

    Affected Products: aix solaris hp-ux sunos openserver irix
    • EPSS Score: 88.62%
    • Published: Dec. 12, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1187

    csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.

    Affected Products: csvform csvform_plus
    • EPSS Score: 3.12%
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1188

    mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.

    Affected Products: mailto
    • EPSS Score: 2.37%
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2001-0890

    Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allow local users to modify files via a symlink attack on temporary files.

    Affected Products: linux sane
    • EPSS Score: 0.09%
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1186

    Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection.

    Affected Products: internet_information_services
    • EPSS Score: 32.41%
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1191

    WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.

    Affected Products: tivoli_secureway_policy_director
    • EPSS Score: 0.61%
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
  • 6.2

    MEDIUM
    CVE-2001-1185

    Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.

    Affected Products: freebsd
    • EPSS Score: 0.13%
    • Published: Dec. 10, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2001-0953

    Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.

    Affected Products: kebi_community
    • EPSS Score: 1.10%
    • Published: Dec. 08, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291196 Results