Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2001-0267

    NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.... Read more

    Affected Products : mpe_ix
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0196

    inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.... Read more

    Affected Products : freebsd
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0290

    Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.... Read more

    Affected Products : mailman
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0191

    gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a ... Read more

    Affected Products : linux xemacs gnuserv
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0180

    Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter.... Read more

    Affected Products : guestserver
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0279

    Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.... Read more

    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0228

    Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.... Read more

    Affected Products : goahead_webserver
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0154

    HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.... Read more

    Affected Products : internet_explorer
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0152

    The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders.... Read more

    Affected Products : plus
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0199

    Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the HTTP GET request.... Read more

    Affected Products : sedum
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0165

    Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.... Read more

    Affected Products : solaris sunos
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2001-0167

    Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.... Read more

    Affected Products : winvnc
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0173

    Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.... Read more

    Affected Products : crazywwwboard qdecoder
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0236

    Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.... Read more

    Affected Products : solaris sunos
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0292

    PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.... Read more

    Affected Products : php-nuke
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0269

    pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.... Read more

    Affected Products : sunos
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0282

    SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.... Read more

    Affected Products : sedum
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0271

    mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters.... Read more

    Affected Products : mailnews.cgi
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0297

    Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.... Read more

    Affected Products : simple_server
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0308

    UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the... Read more

    Affected Products : java_http_server
    • Published: May. 03, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293425 Results