Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-0847

    Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.... Read more

    Affected Products : domino_web_server
    • EPSS Score: %0.85
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0830

    6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.... Read more

    Affected Products : 6tunnel
    • EPSS Score: %7.22
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0848

    join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.... Read more

    Affected Products : fuse_talk
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0842

    Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.... Read more

    Affected Products : lb5000
    • EPSS Score: %1.96
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0726

    Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail mess... Read more

    Affected Products : exchange_server
    • EPSS Score: %9.90
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-0806

    Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0859

    2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.... Read more

    Affected Products : linux
    • EPSS Score: %0.47
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0800

    lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : irix
    • EPSS Score: %78.03
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0831

    Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.... Read more

    Affected Products : database_server
    • EPSS Score: %0.30
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0821

    The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.... Read more

    Affected Products : dcshop
    • EPSS Score: %11.73
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0720

    Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %1.01
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0663

    Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %23.05
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0843

    Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.... Read more

    Affected Products : squid_web_proxy
    • EPSS Score: %24.97
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0722

    Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %45.91
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0716

    Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.... Read more

    Affected Products : metaframe
    • EPSS Score: %1.11
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0819

    A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.... Read more

    Affected Products : fetchmail
    • EPSS Score: %7.16
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0803

    Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : cde_common_desktop_environment
    • EPSS Score: %64.86
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0834

    htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /... Read more

    Affected Products : debian_linux suse_linux linux linux htdig
    • EPSS Score: %2.51
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0866

    Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access contr... Read more

    Affected Products : 12000_router
    • EPSS Score: %0.45
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0815

    Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.... Read more

    Affected Products : activeperl
    • EPSS Score: %42.27
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291384 Results