Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0332

    Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain... Read more

    Affected Products : internet_explorer
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0472

    Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request.... Read more

    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0458

    Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.... Read more

    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0449

    Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option.... Read more

    Affected Products : winzip
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0474

    Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.... Read more

    Affected Products : mandrake_linux mesa
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0478

    Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.... Read more

    Affected Products : phpmyadmin
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0468

    Buffer overflow in FTPFS allows local users to gain root privileges via a long user name.... Read more

    Affected Products : ftpfs
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0459

    Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.... Read more

    Affected Products : afterstep ascdc
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0457

    man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).... Read more

    Affected Products : debian_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0456

    postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.... Read more

    Affected Products : debian_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0471

    SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.... Read more

    Affected Products : ssh
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0477

    Vulnerability in WebCalendar 0.9.26 allows remote command execution.... Read more

    Affected Products : webcalendar
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0460

    Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.... Read more

    Affected Products : websweeper
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0415

    REDIPlus program, REDI.exe, stores passwords and user names in cleartext in the StartLog.txt log file, which allows local users to gain access to other accounts.... Read more

    Affected Products : rediplus
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0425

    AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.... Read more

    Affected Products : adcycle
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0367

    Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.... Read more

    Affected Products : icq
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0494

    Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header.... Read more

    Affected Products : imail
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0368

    Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.... Read more

    Affected Products : bearshare
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0492

    Netcruiser Web server version 0.1.2.8 and earlier allows remote attackers to determine the physical path of the server via a URL containing (1) con, (2) com2, or (3) com3.... Read more

    Affected Products : netcruiser_web_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0488

    pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.... Read more

    Affected Products : hp-ux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results