Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2001-1213

    The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.... Read more

    Affected Products : ftpxq
    • EPSS Score: %0.53
    • Published: Dec. 18, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1212

    Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter.... Read more

    Affected Products : aktivate
    • EPSS Score: %4.38
    • Published: Dec. 18, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1448

    Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.... Read more

    Affected Products : edeveloper
    • EPSS Score: %0.12
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1201

    Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.... Read more

    Affected Products : wmcube_gdk
    • EPSS Score: %0.03
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1199

    Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.... Read more

    Affected Products : agora.cgi
    • EPSS Score: %4.67
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1200

    Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.25
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1196

    Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.... Read more

    Affected Products : webmin
    • EPSS Score: %3.92
    • Published: Dec. 17, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1198

    RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.05
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1195

    Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.... Read more

    Affected Products : groupwise
    • EPSS Score: %4.70
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1214

    manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.... Read more

    Affected Products : unix_manual
    • EPSS Score: %3.64
    • Published: Dec. 15, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1197

    klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.... Read more

    Affected Products : kdeutils
    • EPSS Score: %0.07
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1194

    Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.... Read more

    Affected Products : prestige_1600 prestige_681
    • EPSS Score: %3.73
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0727

    Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the... Read more

    Affected Products : internet_explorer
    • EPSS Score: %50.66
    • Published: Dec. 14, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1192

    Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client.... Read more

    Affected Products : ica_client
    • EPSS Score: %1.07
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1193

    Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.... Read more

    Affected Products : eftp
    • EPSS Score: %1.07
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1189

    IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.07
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0874

    Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %31.69
    • Published: Dec. 13, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0797

    Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.... Read more

    Affected Products : aix solaris hp-ux sunos openserver irix
    • EPSS Score: %88.62
    • Published: Dec. 12, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1190

    The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.... Read more

    Affected Products : mandrake_linux
    • EPSS Score: %0.07
    • Published: Dec. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1191

    WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.... Read more

    Affected Products : tivoli_secureway_policy_director
    • EPSS Score: %0.61
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291222 Results