Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2001-1061

    Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.... Read more

    Affected Products : aix
    • EPSS Score: %0.56
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0995

    PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.... Read more

    Affected Products : phpprojekt
    • EPSS Score: %0.87
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1065

    Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.... Read more

    Affected Products : cbos
    • EPSS Score: %0.48
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1041

    oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.... Read more

    Affected Products : database_server
    • EPSS Score: %0.29
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1072

    Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.... Read more

    Affected Products : http_server
    • EPSS Score: %0.85
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0981

    HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.... Read more

    Affected Products : cifs-9000_server
    • EPSS Score: %0.39
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1452

    By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %5.37
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0971

    Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.... Read more

    Affected Products : 4d_webserver
    • EPSS Score: %0.56
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1195

    telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.... Read more

    • EPSS Score: %0.35
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1073

    Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (... Read more

    Affected Products : px_application_suite
    • EPSS Score: %0.81
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1039

    The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.... Read more

    Affected Products : jetadmin
    • EPSS Score: %0.60
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1040

    HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.... Read more

    Affected Products : jetadmin
    • EPSS Score: %0.52
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1025

    PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.07
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1194

    Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands.... Read more

    Affected Products : ftp_server
    • EPSS Score: %2.91
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1192

    Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.... Read more

    Affected Products : snmp_trap_watcher
    • EPSS Score: %2.28
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1027

    Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title.... Read more

    Affected Products : windowmaker
    • EPSS Score: %23.72
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1200

    Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.... Read more

    Affected Products : windows_nt
    • EPSS Score: %20.50
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1009

    Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.... Read more

    Affected Products : fetchmail
    • EPSS Score: %13.12
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0711

    Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.... Read more

    Affected Products : ios
    • EPSS Score: %13.01
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1191

    htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes t... Read more

    Affected Products : htdig
    • EPSS Score: %2.00
    • Published: Aug. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291558 Results