Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2001-0506

    Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vu... Read more

    • EPSS Score: %37.94
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0649

    Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request.... Read more

    Affected Products : personal_web_sharing
    • EPSS Score: %4.01
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0641

    Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.... Read more

    Affected Products : suse_linux linux immunix
    • EPSS Score: %0.25
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0507

    IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.... Read more

    Affected Products : internet_information_services iis
    • EPSS Score: %1.15
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0674

    Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.... Read more

    Affected Products : viking_server
    • EPSS Score: %0.46
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0681

    Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password.... Read more

    Affected Products : qvt_net qvt_term
    • EPSS Score: %0.71
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0677

    Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.... Read more

    Affected Products : eudora
    • EPSS Score: %0.98
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0692

    SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a remote attacker to bypass firewall filtering via a base64 MIME encoded email attachment whose boundary name ends in two dashes.... Read more

    Affected Products : firebox_2500 firebox_4500
    • EPSS Score: %0.43
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0964

    Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command.... Read more

    Affected Products : half-life
    • EPSS Score: %1.43
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0709

    Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %26.03
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0694

    Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.... Read more

    Affected Products : wftpd
    • EPSS Score: %3.02
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0703

    tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %4.72
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0705

    Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %3.45
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0708

    Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string.... Read more

    Affected Products : rexecd
    • EPSS Score: %0.66
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0696

    NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.... Read more

    Affected Products : surgeftp
    • EPSS Score: %0.92
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1018

    Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.... Read more

    Affected Products : domino
    • EPSS Score: %0.63
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0688

    Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.... Read more

    Affected Products : broker_ftp_server
    • EPSS Score: %2.96
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0693

    WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).... Read more

    • EPSS Score: %3.78
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0704

    tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist.... Read more

    Affected Products : arcadia_internet_store
    • EPSS Score: %3.06
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1029

    libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alterna... Read more

    Affected Products : openssh freebsd
    • EPSS Score: %0.13
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291274 Results