Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-1188

    mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.... Read more

    Affected Products : mailto
    • EPSS Score: %2.37
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0890

    Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.... Read more

    Affected Products : linux sane
    • EPSS Score: %0.09
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1187

    csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.... Read more

    Affected Products : csvform csvform_plus
    • EPSS Score: %3.12
    • Published: Dec. 11, 2001
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2001-1185

    Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.13
    • Published: Dec. 10, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0953

    Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.... Read more

    Affected Products : kebi_community
    • EPSS Score: %1.10
    • Published: Dec. 08, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1184

    wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that ... Read more

    Affected Products : winsock_rshd_nt
    • EPSS Score: %19.48
    • Published: Dec. 08, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0951

    Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.... Read more

    Affected Products : windows_2000
    • EPSS Score: %56.34
    • Published: Dec. 07, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0952

    THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755.... Read more

    Affected Products : red_faction
    • EPSS Score: %4.72
    • Published: Dec. 07, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0954

    Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.... Read more

    Affected Products : domino
    • EPSS Score: %0.91
    • Published: Dec. 07, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0722

    Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %45.91
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0843

    Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.... Read more

    Affected Products : squid_web_proxy
    • EPSS Score: %24.97
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0835

    Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retriev... Read more

    Affected Products : webalizer
    • EPSS Score: %4.69
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0861

    Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.... Read more

    Affected Products : ios 12000_router
    • EPSS Score: %0.91
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0858

    Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0808

    gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.... Read more

    Affected Products : gnatsweb
    • EPSS Score: %3.10
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0827

    Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests.... Read more

    Affected Products : ceberus_ftp_server
    • EPSS Score: %0.96
    • Published: Dec. 06, 2001
    • Modified: Apr. 23, 2025

  • 7.2

    HIGH
    CVE-2001-0833

    Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."... Read more

    Affected Products : database_server
    • EPSS Score: %0.45
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0824

    Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javasc... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.84
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1247

    PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.... Read more

    Affected Products : php
    • EPSS Score: %0.65
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0860

    Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Addre... Read more

    Affected Products : windows_2000 windows_xp
    • EPSS Score: %9.10
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291401 Results