Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0971

    Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.... Read more

    Affected Products : 4d_webserver
    • EPSS Score: %0.56
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1192

    Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.... Read more

    Affected Products : snmp_trap_watcher
    • EPSS Score: %2.28
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1196

    PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.... Read more

    Affected Products : publishingxpert
    • EPSS Score: %8.51
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1005

    Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges.... Read more

    Affected Products : truesync_desktop
    • EPSS Score: %0.22
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1200

    Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.... Read more

    Affected Products : windows_nt
    • EPSS Score: %20.50
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0711

    Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.... Read more

    Affected Products : ios
    • EPSS Score: %13.01
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1009

    Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.... Read more

    Affected Products : fetchmail
    • EPSS Score: %13.12
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1197

    POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for ot... Read more

    Affected Products : imap
    • EPSS Score: %0.08
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1025

    PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.07
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1068

    qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system.... Read more

    Affected Products : qpopper
    • EPSS Score: %1.22
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1191

    htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes t... Read more

    Affected Products : htdig
    • EPSS Score: %2.00
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1193

    Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.... Read more

    Affected Products : irix
    • EPSS Score: %4.19
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1154

    Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.... Read more

    Affected Products : bsd_os cyrus_imap_server
    • EPSS Score: %0.74
    • Published: Aug. 30, 2001
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2001-0682

    ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.... Read more

    Affected Products : zonealarm zonealarm_pro
    • EPSS Score: %0.13
    • Published: Aug. 29, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1389

    Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.... Read more

    Affected Products : linux xinetd
    • EPSS Score: %2.44
    • Published: Aug. 29, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1379

    The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.... Read more

    Affected Products : mod_auth_pgsql
    • EPSS Score: %1.72
    • Published: Aug. 29, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1168

    Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter.... Read more

    • EPSS Score: %0.49
    • Published: Aug. 29, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1153

    lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.... Read more

    Affected Products : openunix
    • EPSS Score: %0.05
    • Published: Aug. 28, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1443

    KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack.... Read more

    Affected Products : kth_kerberos
    • EPSS Score: %0.70
    • Published: Aug. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1444

    The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via ... Read more

    Affected Products : kth_kerberos
    • EPSS Score: %0.68
    • Published: Aug. 27, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291209 Results