Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2001-0845

    Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.... Read more

    • EPSS Score: %0.07
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0844

    Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.... Read more

    Affected Products : book_of_guests post_it
    • EPSS Score: %2.31
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0832

    Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more

    Affected Products : database_server
    • EPSS Score: %0.24
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0801

    lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.... Read more

    Affected Products : irix
    • EPSS Score: %0.05
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0840

    Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.... Read more

    Affected Products : insight_manager_xe
    • EPSS Score: %12.53
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0837

    DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more

    Affected Products : pc-to-phone
    • EPSS Score: %0.07
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0824

    Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javasc... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.84
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0858

    Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0719

    Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.... Read more

    Affected Products : windows_media_player
    • EPSS Score: %17.15
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0833

    Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."... Read more

    Affected Products : database_server
    • EPSS Score: %0.45
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1272

    wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.... Read more

    Affected Products : wmtv
    • EPSS Score: %0.06
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0808

    gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.... Read more

    Affected Products : gnatsweb
    • EPSS Score: %3.10
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0865

    Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.... Read more

    Affected Products : 12000_router
    • EPSS Score: %0.60
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0857

    Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.... Read more

    Affected Products : webmail
    • EPSS Score: %7.73
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0854

    PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of ... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0851

    Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.... Read more

    • EPSS Score: %0.62
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0849

    viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.... Read more

    Affected Products : viralator
    • EPSS Score: %1.98
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0838

    Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.... Read more

    Affected Products : rwhoisd
    • EPSS Score: %4.45
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0829

    A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.... Read more

    Affected Products : tomcat
    • EPSS Score: %0.73
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0826

    Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.... Read more

    Affected Products : cesarftp
    • EPSS Score: %1.15
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291222 Results