Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-1511

    JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570".... Read more

    Affected Products : jrun
    • EPSS Score: %0.59
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1554

    IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.... Read more

    Affected Products : aix
    • EPSS Score: %0.79
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1505

    tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets.... Read more

    Affected Products : tinc
    • EPSS Score: %0.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1487

    popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.... Read more

    Affected Products : qpopper
    • EPSS Score: %0.11
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1568

    CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.... Read more

    Affected Products : wap_gateway
    • EPSS Score: %0.18
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1480

    Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.... Read more

    Affected Products : jre sdk jdk mac_os_runtime_for_java
    • EPSS Score: %0.54
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1518

    RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the v... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.61
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1576

    Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.... Read more

    Affected Products : unixware
    • EPSS Score: %0.09
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2001-1524

    Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and st... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.11
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1573

    Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %1.95
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1534

    mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session I... Read more

    Affected Products : http_server
    • EPSS Score: %0.12
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1510

    Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the re... Read more

    Affected Products : jrun
    • EPSS Score: %3.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1572

    The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.40
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1550

    CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users.... Read more

    Affected Products : asp centraone smart_connect
    • EPSS Score: %0.18
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.3

    MEDIUM
    CVE-2001-1533

    Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the se... Read more

    Affected Products : isa_server
    • EPSS Score: %26.89
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2001-1496

    Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : thttpd
    • EPSS Score: %19.07
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1538

    SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access.... Read more

    Affected Products : ha-120_dsl_router
    • EPSS Score: %1.40
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1581

    The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.... Read more

    Affected Products : mailsweeper
    • EPSS Score: %0.25
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1557

    Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.... Read more

    Affected Products : aix
    • EPSS Score: %0.42
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1208

    Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code.... Read more

    Affected Products : daydream_bbs
    • EPSS Score: %1.62
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291617 Results