Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0303

    tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file.... Read more

    Affected Products : pi3web
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0307

    Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist.... Read more

    Affected Products : java_http_server
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0316

    Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0283

    Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.... Read more

    Affected Products : sun_ftp
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0306

    Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.... Read more

    Affected Products : webactive
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0270

    Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set.... Read more

    Affected Products : forethought asx-1000
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0287

    VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.... Read more

    Affected Products : cluster_server
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0291

    Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters.... Read more

    Affected Products :
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0274

    kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.... Read more

    Affected Products : kicq
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0171

    Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.... Read more

    Affected Products : slimserve
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0202

    Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.... Read more

    Affected Products : picserver
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0229

    Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.... Read more

    Affected Products : chilisoft
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0186

    Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : free_java_web_server
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0267

    NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.... Read more

    Affected Products : mpe_ix
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0196

    inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.... Read more

    Affected Products : freebsd
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0304

    Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.... Read more

    Affected Products : resin
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0191

    gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a ... Read more

    Affected Products : linux xemacs gnuserv
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0325

    Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command.... Read more

    Affected Products : rtp
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0200

    HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.... Read more

    Affected Products : hsweb
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0326

    Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePe... Read more

    Affected Products : application_server oracle8i
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293360 Results