Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-1245

    Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name.... Read more

    Affected Products : opera_web_browser
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1158

    Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.... Read more

    Affected Products : firewall-1
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1026

    Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name... Read more

    Affected Products : interscan_applettrap
    • Published: Jul. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1244

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with ... Read more

    • Published: Jul. 07, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1081

    Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.... Read more

    Affected Products : radius radius
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1045

    Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.... Read more

    Affected Products : basilix_webmail
    • Published: Jul. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1087

    The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.... Read more

    Affected Products : netcache
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1408

    Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.... Read more

    Affected Products : qube webmail
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1076

    Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.... Read more

    Affected Products : solaris sunos
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2001-1085

    Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.... Read more

    Affected Products : lmail
    • Published: Jul. 05, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1243

    Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2... Read more

    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1086

    XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.... Read more

    Affected Products : x11r6
    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1075

    poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.... Read more

    Affected Products : cobalt_raq_3i
    • Published: Jul. 04, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1266

    Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.... Read more

    Affected Products : dnhttpd
    • Published: Jul. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1084

    Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error ... Read more

    Affected Products : jrun
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1159

    load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary co... Read more

    Affected Products : squirrelmail
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0440

    Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.... Read more

    Affected Products : linux mandrake_linux licq
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0386

    AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.... Read more

    Affected Products : simpleserver_www
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0406

    Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.... Read more

    Affected Products : samba
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0424

    BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.... Read more

    Affected Products : freebsd bubblemon
    • Published: Jul. 02, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293658 Results