Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-1489

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.... Read more

    Affected Products : ie
    • EPSS Score: %13.45
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1582

    Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.17
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1542

    NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.... Read more

    Affected Products : webshield_smtp
    • EPSS Score: %0.91
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1548

    ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.... Read more

    Affected Products : zonealarm
    • EPSS Score: %0.05
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1584

    CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field.... Read more

    Affected Products : cardboard
    • EPSS Score: %0.71
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1574

    Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %2.62
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1575

    Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.... Read more

    Affected Products : personal_web_sharing
    • EPSS Score: %0.93
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1570

    Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.32
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1569

    Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.... Read more

    Affected Products : openwave_wap_gateway
    • EPSS Score: %0.37
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1560

    Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %0.31
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2001-1526

    Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter.... Read more

    Affected Products : easynews
    • EPSS Score: %0.35
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-1521

    Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.... Read more

    Affected Products : postnuke
    • EPSS Score: %0.35
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1507

    OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.... Read more

    Affected Products : openssh
    • EPSS Score: %0.74
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-1519

    RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that adminis... Read more

    Affected Products : windows_2000
    • EPSS Score: %2.00
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1564

    setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available d... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1552

    ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.... Read more

    Affected Products : windows_me
    • EPSS Score: %22.39
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1211

    Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not proper... Read more

    Affected Products : imail
    • EPSS Score: %0.57
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2001-1559

    The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.40
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1553

    Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_passwd. NOTE: since the default configuration of setiath... Read more

    Affected Products : seti_at_home
    • EPSS Score: %0.09
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1576

    Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.... Read more

    Affected Products : unixware
    • EPSS Score: %0.09
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291395 Results