Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 6.4

    MEDIUM
    CVE-2001-1512

    Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.... Read more

    Affected Products : jrun
    • EPSS Score: %0.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1529

    Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.... Read more

    Affected Products : aix
    • EPSS Score: %0.60
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1556

    The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX prog... Read more

    Affected Products : http_server
    • EPSS Score: %1.65
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 4.6

    MEDIUM
    CVE-2001-1535

    Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.... Read more

    Affected Products : slashcode
    • EPSS Score: %0.15
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1543

    Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.... Read more

    • EPSS Score: %0.90
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1500

    ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.... Read more

    Affected Products : proftpd
    • EPSS Score: %1.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1501

    The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls co... Read more

    Affected Products : proftpd
    • EPSS Score: %8.15
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1528

    AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.... Read more

    Affected Products : homebet
    • EPSS Score: %7.86
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2001-1561

    Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.... Read more

    Affected Products : debian_linux xvt
    • EPSS Score: %0.22
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1544

    Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.... Read more

    Affected Products : jrun
    • EPSS Score: %0.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1502

    webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.... Read more

    Affected Products : webcart
    • EPSS Score: %8.72
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2001-1478

    Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.06
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1545

    Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.... Read more

    Affected Products : jrun
    • EPSS Score: %0.39
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 4.3

    MEDIUM
    CVE-2001-1522

    Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.02
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1495

    network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.... Read more

    • EPSS Score: %0.98
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1483

    One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.... Read more

    Affected Products : one-time_passwords_in_everything
    • EPSS Score: %1.47
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1577

    Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.53
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2001-1517

    RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOT... Read more

    Affected Products : windows_2000
    • EPSS Score: %2.27
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2001-1565

    Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.18
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
  • 4.3

    MEDIUM
    CVE-2001-1516

    Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews.... Read more

    Affected Products : phpreview
    • EPSS Score: %0.30
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291562 Results