Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-1219

    Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %5.35
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0542

    Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported ... Read more

    Affected Products : sql_server sql_server
    • EPSS Score: %10.36
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1215

    Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file.... Read more

    Affected Products : pfinger
    • EPSS Score: %1.98
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0879

    Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.... Read more

    • EPSS Score: %10.18
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0877

    Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of tra... Read more

    • EPSS Score: %58.99
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0876

    Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.... Read more

    • EPSS Score: %81.68
    • Published: Dec. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0889

    Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : exim linux exim
    • EPSS Score: %1.01
    • Published: Dec. 19, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1212

    Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter.... Read more

    Affected Products : aktivate
    • EPSS Score: %4.38
    • Published: Dec. 18, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1213

    The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.... Read more

    Affected Products : ftpxq
    • EPSS Score: %0.53
    • Published: Dec. 18, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1196

    Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.... Read more

    Affected Products : webmin
    • EPSS Score: %3.92
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1199

    Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.... Read more

    Affected Products : agora.cgi
    • EPSS Score: %4.67
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1200

    Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.25
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1201

    Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.... Read more

    Affected Products : wmcube_gdk
    • EPSS Score: %0.03
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1448

    Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.... Read more

    Affected Products : edeveloper
    • EPSS Score: %0.12
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1198

    RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.05
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1195

    Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.... Read more

    Affected Products : groupwise
    • EPSS Score: %4.70
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1214

    manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.... Read more

    Affected Products : unix_manual
    • EPSS Score: %3.64
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1197

    klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.... Read more

    Affected Products : kdeutils
    • EPSS Score: %0.07
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0727

    Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the... Read more

    Affected Products : internet_explorer
    • EPSS Score: %50.66
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1194

    Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.... Read more

    Affected Products : prestige_1600 prestige_681
    • EPSS Score: %3.73
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results