Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1565

    Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.18
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1506

    Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthor... Read more

    Affected Products : secure_os
    • EPSS Score: %0.07
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1579

    The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.... Read more

    Affected Products : unixware open_unix
    • EPSS Score: %0.66
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1566

    Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.... Read more

    Affected Products : vanessa_logger perdition
    • EPSS Score: %2.12
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1555

    pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.07
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1500

    ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.... Read more

    Affected Products : proftpd
    • EPSS Score: %1.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1502

    webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.... Read more

    Affected Products : webcart
    • EPSS Score: %8.72
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1501

    The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls co... Read more

    Affected Products : proftpd
    • EPSS Score: %8.15
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1209

    Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.... Read more

    Affected Products : zml.cgi
    • EPSS Score: %4.67
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1583

    lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CV... Read more

    Affected Products : sunos
    • EPSS Score: %59.82
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1580

    Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.... Read more

    Affected Products : netware scriptease_webserver
    • EPSS Score: %22.58
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1562

    Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.... Read more

    Affected Products : nvi
    • EPSS Score: %0.05
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1561

    Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.... Read more

    Affected Products : debian_linux xvt
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1544

    Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.... Read more

    Affected Products : jrun
    • EPSS Score: %0.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1543

    Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.... Read more

    • EPSS Score: %0.90
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1205

    Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable.... Read more

    Affected Products : last_lines
    • EPSS Score: %0.86
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1210

    Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary commun... Read more

    Affected Products : ubr920 ubr924 ubr925
    • EPSS Score: %0.61
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1207

    Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.... Read more

    Affected Products : daydream_bbs
    • EPSS Score: %9.49
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1466

    Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.... Read more

    Affected Products : securecrt
    • EPSS Score: %4.79
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1206

    Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable.... Read more

    Affected Products : last_lines
    • EPSS Score: %0.90
    • Published: Dec. 30, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291275 Results