Latest CVE Feed
-
5.0
MEDIUMCVE-2001-1007
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack.... Read more
Affected Products : truesync_desktop- EPSS Score: %0.48
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2000-1199
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.... Read more
Affected Products : postgresql- EPSS Score: %0.50
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0972
Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."... Read more
Affected Products : asp_forum- EPSS Score: %0.93
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-1069
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.... Read more
Affected Products : acrobat_reader- EPSS Score: %0.09
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2000-1201
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.... Read more
Affected Products : firewall-1- EPSS Score: %0.66
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0966
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.... Read more
Affected Products : nudester- EPSS Score: %0.69
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0969
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.... Read more
Affected Products : freebsd- EPSS Score: %0.43
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-1025
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.... Read more
Affected Products : php-nuke- EPSS Score: %0.07
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2000-1192
Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.... Read more
Affected Products : snmp_trap_watcher- EPSS Score: %2.28
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2000-1191
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes t... Read more
Affected Products : htdig- EPSS Score: %2.00
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1002
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains maliciou... Read more
Affected Products : linux- EPSS Score: %4.74
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-1009
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.... Read more
Affected Products : fetchmail- EPSS Score: %13.12
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0711
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.... Read more
Affected Products : ios- EPSS Score: %13.01
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2000-1200
Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.... Read more
Affected Products : windows_nt- EPSS Score: %20.50
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-1036
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.... Read more
- EPSS Score: %0.13
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2000-1190
imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file.... Read more
Affected Products : imwheel- EPSS Score: %0.12
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-0983
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.... Read more
Affected Products : ultraedit-32- EPSS Score: %0.07
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1064
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwardi... Read more
Affected Products : cbos- EPSS Score: %5.66
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1066
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.... Read more
Affected Products : solaris- EPSS Score: %0.09
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2000-1193
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.... Read more
Affected Products : irix- EPSS Score: %4.19
- Published: Aug. 31, 2001
- Modified: Apr. 03, 2025