Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2001-0507

    IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.... Read more

    Affected Products : internet_information_services iis
    • EPSS Score: %1.15
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0506

    Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vu... Read more

    • EPSS Score: %37.94
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0709

    Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %26.03
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0705

    Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %3.45
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0964

    Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command.... Read more

    Affected Products : half-life
    • EPSS Score: %1.43
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0703

    tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %4.72
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0692

    SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a remote attacker to bypass firewall filtering via a base64 MIME encoded email attachment whose boundary name ends in two dashes.... Read more

    Affected Products : firebox_2500 firebox_4500
    • EPSS Score: %0.43
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0694

    Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.... Read more

    Affected Products : wftpd
    • EPSS Score: %3.02
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0653

    Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.33
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0687

    Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sh... Read more

    Affected Products : broker_ftp_server
    • EPSS Score: %0.81
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0642

    Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.... Read more

    Affected Products : incredimail
    • EPSS Score: %0.12
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0674

    Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.... Read more

    Affected Products : viking_server
    • EPSS Score: %0.46
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0704

    tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %3.06
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0677

    Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.... Read more

    Affected Products : eudora
    • EPSS Score: %0.98
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1029

    libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alterna... Read more

    Affected Products : openssh freebsd
    • EPSS Score: %0.13
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0659

    Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet.... Read more

    Affected Products : windows_2000
    • EPSS Score: %14.41
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0700

    Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.... Read more

    Affected Products : w3m w3m
    • EPSS Score: %13.31
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0690

    Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.... Read more

    Affected Products : debian_linux exim linux linux exim
    • EPSS Score: %19.93
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0650

    Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.... Read more

    Affected Products : ios
    • EPSS Score: %1.31
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0680

    Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command.... Read more

    Affected Products : qvt_net avt_term
    • EPSS Score: %84.83
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results