Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0472

    Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request.... Read more

    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0329

    Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.... Read more

    Affected Products : bugzilla
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2001-0361

    Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 vers... Read more

    Affected Products : openssh ssh
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0493

    Small HTTP server 2.03 allows remote attackers to cause a denial of service via a URL that contains an MS-DOS device name such as aux.... Read more

    Affected Products : small_http_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0496

    kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.... Read more

    Affected Products : linux mandrake_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0450

    Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.... Read more

    Affected Products : broker_ftp_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0473

    Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.... Read more

    Affected Products : mutt linux linux mandrake_linux immunix
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0378

    readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.... Read more

    Affected Products : openbsd
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0359

    Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.... Read more

    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0479

    Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.... Read more

    Affected Products : phppgadmin
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0338

    Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerabili... Read more

    Affected Products : internet_explorer
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0417

    Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files.... Read more

    Affected Products : kerberos_5 kerberos
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0241

    Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.... Read more

    Affected Products : windows_2000
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0369

    Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).... Read more

    Affected Products : unix
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0454

    Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.... Read more

    Affected Products : slimserve
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0452

    BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.... Read more

    Affected Products : webweaver
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0461

    template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi.... Read more

    Affected Products : foldoc
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0334

    FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.... Read more

    Affected Products : internet_information_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0491

    Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST.... Read more

    Affected Products : raidenftpd
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0453

    Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.... Read more

    Affected Products : webweaver
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293609 Results