Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-1549

    Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.... Read more

    Affected Products : tiny_personal_firewall
    • EPSS Score: %0.14
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1515

    Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.78
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1518

    RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the v... Read more

    Affected Products : windows_2000
    • EPSS Score: %0.61
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1497

    Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it eas... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %0.56
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1509

    geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.10
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1570

    Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.... Read more

    Affected Products : windows_xp
    • EPSS Score: %0.32
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2001-1559

    The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.... Read more

    Affected Products : openbsd
    • EPSS Score: %0.40
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 9.8

    CRITICAL
    CVE-2001-1496

    Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more

    Affected Products : thttpd
    • EPSS Score: %19.07
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1552

    ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.... Read more

    Affected Products : windows_me
    • EPSS Score: %22.39
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-1481

    Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.... Read more

    Affected Products : xitami
    • EPSS Score: %1.70
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1534

    mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session I... Read more

    Affected Products : http_server
    • EPSS Score: %0.12
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1487

    popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.... Read more

    Affected Products : qpopper
    • EPSS Score: %0.11
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1578

    Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.... Read more

    Affected Products : openserver
    • EPSS Score: %0.08
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1556

    The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX prog... Read more

    Affected Products : http_server
    • EPSS Score: %1.65
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-1568

    CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.... Read more

    Affected Products : wap_gateway
    • EPSS Score: %0.18
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1554

    IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.... Read more

    Affected Products : aix
    • EPSS Score: %0.79
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1491

    Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.... Read more

    Affected Products : opera_web_browser
    • EPSS Score: %4.72
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2001-1524

    Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and st... Read more

    Affected Products : php-nuke
    • EPSS Score: %0.11
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1572

    The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.40
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1510

    Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the re... Read more

    Affected Products : jrun
    • EPSS Score: %3.38
    • Published: Dec. 31, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 292386 Results