Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-0862

    Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.... Read more

    Affected Products : 12000_router
    • EPSS Score: %0.45
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0831

    Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.... Read more

    Affected Products : database_server
    • EPSS Score: %0.30
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0663

    Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %23.05
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0821

    The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.... Read more

    Affected Products : dcshop
    • EPSS Score: %11.73
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0720

    Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %1.01
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0842

    Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.... Read more

    Affected Products : lb5000
    • EPSS Score: %1.96
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0859

    2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.... Read more

    Affected Products : linux
    • EPSS Score: %0.47
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-0806

    Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.... Read more

    Affected Products : mac_os_x
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0800

    lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : irix
    • EPSS Score: %78.03
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0726

    Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail mess... Read more

    Affected Products : exchange_server
    • EPSS Score: %9.90
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0843

    Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.... Read more

    Affected Products : squid_web_proxy
    • EPSS Score: %24.97
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1247

    PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.... Read more

    Affected Products : php
    • EPSS Score: %0.65
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0719

    Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.... Read more

    Affected Products : windows_media_player
    • EPSS Score: %17.15
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0858

    Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.... Read more

    Affected Products : unixware openunix
    • EPSS Score: %0.08
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0824

    Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javasc... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %0.84
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0837

    DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more

    Affected Products : pc-to-phone
    • EPSS Score: %0.07
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0840

    Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.... Read more

    Affected Products : insight_manager_xe
    • EPSS Score: %12.53
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0801

    lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.... Read more

    Affected Products : irix
    • EPSS Score: %0.05
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0832

    Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more

    Affected Products : database_server
    • EPSS Score: %0.24
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0844

    Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.... Read more

    Affected Products : book_of_guests post_it
    • EPSS Score: %2.31
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 292212 Results