Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0416

    sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.... Read more

    Affected Products : linux mandrake_linux immunix sgml-tools
    • EPSS Score: %0.09
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0338

    Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerabili... Read more

    Affected Products : internet_explorer
    • EPSS Score: %1.67
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0453

    Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.... Read more

    Affected Products : webweaver
    • EPSS Score: %0.89
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0494

    Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header.... Read more

    Affected Products : imail
    • EPSS Score: %0.56
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0367

    Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.... Read more

    Affected Products : icq
    • EPSS Score: %0.63
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0496

    kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.... Read more

    Affected Products : linux mandrake_linux
    • EPSS Score: %0.07
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0473

    Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.... Read more

    Affected Products : mutt linux linux mandrake_linux immunix
    • EPSS Score: %0.81
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0450

    Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.... Read more

    Affected Products : broker_ftp_server
    • EPSS Score: %1.51
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0425

    AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.... Read more

    Affected Products : adcycle
    • EPSS Score: %4.59
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0334

    FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %25.08
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0407

    Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).... Read more

    Affected Products : mysql
    • EPSS Score: %0.71
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0484

    Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the p... Read more

    Affected Products : phaserlink
    • EPSS Score: %3.44
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0243

    Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Inte... Read more

    Affected Products : windows_media_player
    • EPSS Score: %37.01
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0331

    Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : irix
    • EPSS Score: %1.03
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0495

    Directory traversal in DataWizard WebXQ server 1.204 allows remote attackers to view files outside of the web root via a .. (dot dot) attack.... Read more

    Affected Products : webxq
    • EPSS Score: %6.47
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0452

    BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.... Read more

    Affected Products : webweaver
    • EPSS Score: %3.45
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0330

    Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.... Read more

    Affected Products : bugzilla
    • EPSS Score: %0.85
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0462

    Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : perl_web_server
    • EPSS Score: %4.09
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0381

    The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.... Read more

    Affected Products : openpgp
    • EPSS Score: %0.09
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0359

    Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.... Read more

    • EPSS Score: %1.84
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291526 Results