Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-0365

    Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code wi... Read more

    Affected Products : eudora
    • EPSS Score: %4.82
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0381

    The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.... Read more

    Affected Products : openpgp
    • EPSS Score: %0.09
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0359

    Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.... Read more

    • EPSS Score: %1.84
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2001-0361

    Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 vers... Read more

    Affected Products : openssh ssh
    • EPSS Score: %1.49
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0493

    Small HTTP server 2.03 allows remote attackers to cause a denial of service via a URL that contains an MS-DOS device name such as aux.... Read more

    Affected Products : small_http_server
    • EPSS Score: %0.76
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0329

    Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.... Read more

    Affected Products : bugzilla
    • EPSS Score: %4.40
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0328

    TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.... Read more

    Affected Products :
    • EPSS Score: %28.62
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0484

    Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the p... Read more

    Affected Products : phaserlink
    • EPSS Score: %3.44
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0441

    Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.... Read more

    • EPSS Score: %1.44
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0337

    The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %4.62
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1164

    Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.... Read more

    Affected Products : unixware
    • EPSS Score: %0.06
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0241

    Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.... Read more

    Affected Products : windows_2000
    • EPSS Score: %88.82
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0407

    Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).... Read more

    Affected Products : mysql
    • EPSS Score: %0.71
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0458

    Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.... Read more

    • EPSS Score: %1.72
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1083

    Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).... Read more

    Affected Products : icecast
    • EPSS Score: %16.70
    • Published: Jun. 26, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1324

    cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain priv... Read more

    Affected Products : idtools
    • EPSS Score: %0.07
    • Published: Jun. 26, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1162

    Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.... Read more

    Affected Products : samba cifs-9000_server
    • EPSS Score: %30.17
    • Published: Jun. 23, 2001
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2001-0906

    teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.... Read more

    Affected Products : tetex
    • EPSS Score: %0.22
    • Published: Jun. 22, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1328

    Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : sunos
    • EPSS Score: %6.21
    • Published: Jun. 22, 2001
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2001-1276

    ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.... Read more

    Affected Products : ispell
    • EPSS Score: %0.09
    • Published: Jun. 21, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291219 Results