Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0010

    WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.... Read more

    Affected Products : webwho\+
    • EPSS Score: %5.17
    • Published: Dec. 26, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0455

    The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.... Read more

    Affected Products : coldfusion_server
    • EPSS Score: %9.13
    • Published: Dec. 25, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0477

    The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.... Read more

    Affected Products : coldfusion_server
    • EPSS Score: %6.85
    • Published: Dec. 25, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0006

    strace allows local users to read arbitrary files via memory mapped file names.... Read more

    Affected Products : linux_kernel strace
    • EPSS Score: %0.18
    • Published: Dec. 25, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-0892

    Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.... Read more

    Affected Products : communicator
    • EPSS Score: %0.09
    • Published: Dec. 24, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0028

    Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %21.84
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0040

    glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.... Read more

    Affected Products : glftpd
    • EPSS Score: %0.41
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0001

    RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.... Read more

    Affected Products : realserver
    • EPSS Score: %3.93
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0038

    glFtpD includes a default glftpd user account with a default password and a UID of 0.... Read more

    Affected Products : glftpd
    • EPSS Score: %2.98
    • Published: Dec. 23, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1066

    Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.... Read more

    Affected Products : quake_1_server
    • EPSS Score: %0.66
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0030

    Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %0.44
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0119

    The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.... Read more

    Affected Products : norton_antivirus virusscan
    • EPSS Score: %0.96
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0036

    Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.... Read more

    Affected Products : outlook_express ie
    • EPSS Score: %19.71
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0034

    Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."... Read more

    Affected Products : communicator
    • EPSS Score: %0.61
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1109

    Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.... Read more

    Affected Products : sendmail
    • EPSS Score: %5.22
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0002

    Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.... Read more

    Affected Products : zbserver
    • EPSS Score: %9.29
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0018

    wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.... Read more

    Affected Products : wmmon
    • EPSS Score: %0.15
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0032

    Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %1.02
    • Published: Dec. 22, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0025

    IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.... Read more

    • EPSS Score: %46.05
    • Published: Dec. 21, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1497

    Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.... Read more

    Affected Products : imail
    • EPSS Score: %0.22
    • Published: Dec. 21, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291741 Results