Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2001-1178

    Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.... Read more

    Affected Products : x11r6
    • EPSS Score: %0.15
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1120

    Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.... Read more

    Affected Products : coldfusion_server
    • EPSS Score: %1.78
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1144

    Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.... Read more

    Affected Products : asap_virusscan
    • EPSS Score: %5.26
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1038

    Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • EPSS Score: %0.28
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1146

    AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack.... Read more

    Affected Products : allcommerce
    • EPSS Score: %0.11
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1143

    IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.... Read more

    Affected Products : db2_universal_database
    • EPSS Score: %1.08
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1240

    The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.... Read more

    Affected Products : secure_linux
    • EPSS Score: %0.46
    • Published: Jul. 11, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1141

    The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.... Read more

    Affected Products : openssl ssleay
    • EPSS Score: %1.40
    • Published: Jul. 10, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-1322

    xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.... Read more

    Affected Products : xinetd
    • EPSS Score: %0.10
    • Published: Jul. 10, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1180

    FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the ... Read more

    Affected Products : freebsd
    • EPSS Score: %0.15
    • Published: Jul. 10, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1245

    Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name.... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %1.10
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1026

    Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name... Read more

    Affected Products : interscan_applettrap
    • EPSS Score: %0.79
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1158

    Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.... Read more

    Affected Products : firewall-1
    • EPSS Score: %4.82
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1244

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with ... Read more

    • EPSS Score: %8.69
    • Published: Jul. 07, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1045

    Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.... Read more

    Affected Products : basilix_webmail
    • EPSS Score: %8.58
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1081

    Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.... Read more

    Affected Products : radius radius
    • EPSS Score: %2.12
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2001-1085

    Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : lmail
    • EPSS Score: %0.15
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1087

    The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.... Read more

    Affected Products : netcache
    • EPSS Score: %0.72
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1408

    Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.... Read more

    Affected Products : qube webmail
    • EPSS Score: %3.78
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1076

    Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.21
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291128 Results