Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2001-1171

    Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.... Read more

    Affected Products : firewall-1
    • EPSS Score: %0.05
    • Published: Apr. 01, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1174

    Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header.... Read more

    Affected Products : linux elm
    • EPSS Score: %4.26
    • Published: Apr. 01, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0078

    The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %20.34
    • Published: Mar. 29, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0040

    Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.... Read more

    Affected Products : irix
    • EPSS Score: %0.06
    • Published: Mar. 28, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0039

    rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.... Read more

    Affected Products : irix
    • EPSS Score: %0.66
    • Published: Mar. 28, 2002
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2002-0162

    LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.... Read more

    Affected Products : linux logwatch
    • EPSS Score: %0.12
    • Published: Mar. 27, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0163

    Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.... Read more

    Affected Products : squid squid
    • EPSS Score: %3.90
    • Published: Mar. 26, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0100

    AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file.... Read more

    Affected Products : aol_server
    • EPSS Score: %0.66
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0140

    Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possib... Read more

    Affected Products : dnrd
    • EPSS Score: %4.80
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0145

    chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root.... Read more

    Affected Products : chuid
    • EPSS Score: %0.72
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0122

    Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.... Read more

    Affected Products : 3568i_wap
    • EPSS Score: %1.32
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-0111

    Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.... Read more

    Affected Products : dinos_webserver
    • EPSS Score: %1.14
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0104

    AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump.... Read more

    Affected Products : aftpd
    • EPSS Score: %0.92
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0137

    CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.... Read more

    Affected Products : cdrdao
    • EPSS Score: %0.12
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2002-0114

    EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on t... Read more

    Affected Products : networker
    • EPSS Score: %0.07
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2002-0096

    The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privil... Read more

    Affected Products : geeklog
    • EPSS Score: %0.05
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0129

    efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.... Read more

    Affected Products : efax
    • EPSS Score: %0.21
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-0110

    Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.... Read more

    Affected Products : miramail
    • EPSS Score: %0.20
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1222

    Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain.... Read more

    Affected Products : plesk_server_administrator
    • EPSS Score: %2.26
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-0101

    Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %10.62
    • Published: Mar. 25, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291634 Results