Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1171

    Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter.... Read more

    Affected Products : cgiforum
    • EPSS Score: %4.09
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1161

    The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.... Read more

    Affected Products : adcycle
    • EPSS Score: %0.65
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1188

    Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter.... Read more

    Affected Products : quikstore
    • EPSS Score: %1.96
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1109

    Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the command... Read more

    Affected Products : midnight_commander
    • EPSS Score: %0.08
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1137

    GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.... Read more

    Affected Products : ed linux
    • EPSS Score: %0.07
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1176

    Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.... Read more

    Affected Products : yabb
    • EPSS Score: %2.37
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1087

    The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which ... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %43.14
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1108

    cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TT... Read more

    Affected Products : midnight_commander
    • EPSS Score: %0.08
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1095

    modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.... Read more

    • EPSS Score: %0.21
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1181

    Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL.... Read more

    Affected Products : realserver
    • EPSS Score: %7.62
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1089

    Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %68.84
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-1132

    DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.... Read more

    Affected Products : dcforum
    • EPSS Score: %9.33
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1131

    Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable.... Read more

    Affected Products : gbook.cgi
    • EPSS Score: %1.18
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1130

    McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.... Read more

    Affected Products : webshield_smtp
    • EPSS Score: %0.32
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2000-1178

    Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.... Read more

    Affected Products : linux joe
    • EPSS Score: %0.14
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2000-1164

    WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.... Read more

    Affected Products : winvnc
    • EPSS Score: %0.31
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1039

    Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, ak... Read more

    • EPSS Score: %38.35
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1112

    Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.... Read more

    Affected Products : windows_media_player
    • EPSS Score: %2.00
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1154

    RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request.... Read more

    Affected Products : robinhood
    • EPSS Score: %5.14
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2000-1099

    Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.... Read more

    Affected Products : jdk
    • EPSS Score: %0.60
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291005 Results