Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-0400

    nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.... Read more

    Affected Products : nph-maillist
    • EPSS Score: %13.10
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0327

    iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: ... Read more

    Affected Products : iplanet_web_server
    • EPSS Score: %1.90
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0428

    Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.... Read more

    • EPSS Score: %0.76
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0387

    Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.... Read more

    Affected Products : hylafax
    • EPSS Score: %0.06
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0486

    Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.... Read more

    Affected Products : bordermanager
    • EPSS Score: %8.62
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0389

    IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.... Read more

    • EPSS Score: %0.66
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0436

    dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.... Read more

    Affected Products : dcforum dcforum_2000
    • EPSS Score: %2.03
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0405

    ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the f... Read more

    Affected Products : linux_kernel linux
    • EPSS Score: %14.30
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0437

    upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file.... Read more

    Affected Products : dcforum dcforum_2000
    • EPSS Score: %0.76
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0435

    The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.... Read more

    Affected Products : pgp
    • EPSS Score: %0.08
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1161

    Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.... Read more

    Affected Products : domino_r5_server
    • EPSS Score: %3.63
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0431

    Vulnerability in iPlanet Web Server Enterprise Edition 4.x.... Read more

    Affected Products : iplanet_web_server
    • EPSS Score: %0.48
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0391

    Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory.... Read more

    Affected Products : xitami
    • EPSS Score: %0.66
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0423

    Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093.... Read more

    Affected Products : solaris
    • EPSS Score: %0.33
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0443

    Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.... Read more

    Affected Products : qvt_net qvt_term_plus
    • EPSS Score: %0.99
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0406

    Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.... Read more

    Affected Products : samba
    • EPSS Score: %0.30
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0432

    Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %6.01
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1386

    WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.... Read more

    Affected Products : wftpd
    • EPSS Score: %0.73
    • Published: Jul. 01, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1043

    ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.... Read more

    Affected Products : ftp_server
    • EPSS Score: %1.81
    • Published: Jul. 01, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1246

    PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : php
    • EPSS Score: %3.29
    • Published: Jun. 30, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291616 Results