Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 5.0

    MEDIUM
    CVE-2001-1244

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with ...

    • EPSS Score: 8.69%
    • Published: Jul. 07, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1045

    Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.

    Affected Products: basilix_webmail
    • EPSS Score: 8.58%
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1081

    Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.

    Affected Products: radius radius
    • EPSS Score: 2.12%
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025
  • 3.7

    LOW
    CVE-2001-1085

    Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

    Affected Products: lmail
    • EPSS Score: 0.15%
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1087

    The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.

    Affected Products: netcache
    • EPSS Score: 0.72%
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2001-1076

    Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.

    Affected Products: solaris sunos
    • EPSS Score: 0.21%
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1408

    Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.

    Affected Products: qube webmail
    • EPSS Score: 3.78%
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1086

    XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.

    Affected Products: x11r6
    • EPSS Score: 3.17%
    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1243

    Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2...

    • EPSS Score: 8.36%
    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1075

    poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.

    Affected Products: cobalt_raq_3i
    • EPSS Score: 3.55%
    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-1266

    Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.

    Affected Products: dnhttpd
    • EPSS Score: 1.48%
    • Published: Jul. 03, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1159

    load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary co...

    Affected Products: squirrelmail
    • EPSS Score: 1.98%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2001-0464

    Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter.

    Affected Products: cyberscheduler
    • EPSS Score: 6.60%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 7.5

    HIGH
    CVE-2001-1042

    Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.

    Affected Products: broker_ftp_server
    • EPSS Score: 1.58%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 10.0

    HIGH
    CVE-2001-0431

    Vulnerability in iPlanet Web Server Enterprise Edition 4.x.

    Affected Products: iplanet_web_server
    • EPSS Score: 0.48%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 6.8

    MEDIUM
    CVE-2001-1441

    Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message.

    Affected Products: visualage_for_java
    • EPSS Score: 1.20%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 5.0

    MEDIUM
    CVE-2001-0396

    The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.

    Affected Products: consoleserver
    • EPSS Score: 0.91%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 2.1

    LOW
    CVE-2001-0384

    ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file.

    Affected Products: reliant_unix
    • EPSS Score: 0.13%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 6.4

    MEDIUM
    CVE-2001-0421

    FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could rel...

    Affected Products: solaris sunos
    • EPSS Score: 2.44%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
  • 7.2

    HIGH
    CVE-2001-0422

    Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

    Affected Products: solaris sunos
    • EPSS Score: 0.26%
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291255 Results