Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2001-0157

    Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.... Read more

    Affected Products : palm_os
    • EPSS Score: %0.07
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0206

    Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.... Read more

    Affected Products : serverworx
    • EPSS Score: %2.67
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0312

    IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere ... Read more

    Affected Products : websphere_plugin
    • EPSS Score: %0.43
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0156

    VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.... Read more

    Affected Products : vshell
    • EPSS Score: %0.10
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0299

    Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL.... Read more

    Affected Products : ip440_firewall_vpn_appliance
    • EPSS Score: %0.80
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0310

    sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.09
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0311

    Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.... Read more

    Affected Products : hp-ux omniback_ii
    • EPSS Score: %41.18
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0323

    The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to low... Read more

    Affected Products : solaris
    • EPSS Score: %0.74
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0300

    oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.... Read more

    Affected Products : internet_directory
    • EPSS Score: %0.47
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0257

    Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such as "Host:".... Read more

    Affected Products : easycom_safecom_print_server
    • EPSS Score: %1.91
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0149

    Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %43.56
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0781

    Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.... Read more

    Affected Products : spoonftp
    • EPSS Score: %2.84
    • Published: May. 30, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1326

    Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker ... Read more

    Affected Products : eudora
    • EPSS Score: %3.75
    • Published: May. 29, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2001-1349

    Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.08
    • Published: May. 28, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1336

    CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges.... Read more

    Affected Products : cesarftp
    • EPSS Score: %0.53
    • Published: May. 28, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1028

    Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.... Read more

    Affected Products : linux
    • EPSS Score: %0.18
    • Published: May. 28, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1074

    Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.... Read more

    Affected Products : webmin
    • EPSS Score: %0.05
    • Published: May. 28, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1348

    TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.... Read more

    Affected Products : twig
    • EPSS Score: %0.60
    • Published: May. 28, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1335

    Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).... Read more

    Affected Products : cesarftp
    • EPSS Score: %3.45
    • Published: May. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1338

    Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system.... Read more

    Affected Products : ipc_at_chip_telnetd_server
    • EPSS Score: %4.25
    • Published: May. 24, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291117 Results