Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2001-0192

    Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions.... Read more

    Affected Products : xmail
    • EPSS Score: %5.00
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2001-0198

    Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag.... Read more

    Affected Products : quicktime
    • EPSS Score: %5.70
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0179

    Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."... Read more

    Affected Products : jrun
    • EPSS Score: %2.96
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0173

    Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.... Read more

    Affected Products : crazywwwboard qdecoder
    • EPSS Score: %4.85
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0168

    Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.... Read more

    Affected Products : winvnc
    • EPSS Score: %67.36
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-0273

    pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.... Read more

    Affected Products : pgp4pine
    • EPSS Score: %0.59
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0276

    ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.... Read more

    Affected Products : badblue
    • EPSS Score: %3.57
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0278

    Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.... Read more

    Affected Products : mpe_ix
    • EPSS Score: %0.09
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0286

    Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.... Read more

    Affected Products : http_server
    • EPSS Score: %3.05
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0296

    Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.... Read more

    Affected Products : wftpd_pro
    • EPSS Score: %6.96
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0308

    UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the... Read more

    Affected Products : java_http_server
    • EPSS Score: %7.89
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2001-0324

    Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.... Read more

    Affected Products : windows_2000 windows_98
    • EPSS Score: %3.55
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0228

    Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.... Read more

    Affected Products : goahead_webserver
    • EPSS Score: %3.78
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0293

    Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.... Read more

    Affected Products : ftpxq
    • EPSS Score: %2.67
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0234

    NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter.... Read more

    Affected Products : newsdaemon
    • EPSS Score: %0.86
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0290

    Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.... Read more

    Affected Products : mailman
    • EPSS Score: %0.07
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0326

    Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePe... Read more

    Affected Products : application_server oracle8i
    • EPSS Score: %1.52
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0304

    Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.... Read more

    Affected Products : resin
    • EPSS Score: %3.05
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0180

    Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter.... Read more

    Affected Products : guestserver
    • EPSS Score: %2.53
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0295

    Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command.... Read more

    Affected Products : war_ftpd
    • EPSS Score: %4.31
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291312 Results