Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0796

    SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.... Read more

    Affected Products : freebsd irix
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0847

    Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.... Read more

    Affected Products : domino_web_server
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0856

    Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.... Read more

    Affected Products : 4758
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0726

    Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail mess... Read more

    Affected Products : exchange_server
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-0806

    Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.... Read more

    Affected Products : mac_os_x
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0838

    Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.... Read more

    Affected Products : rwhoisd
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0808

    gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.... Read more

    Affected Products : gnatsweb
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0863

    Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.... Read more

    Affected Products : 12000_router
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0852

    TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.... Read more

    Affected Products : linux
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0829

    A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.... Read more

    Affected Products : tomcat
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0801

    lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.... Read more

    Affected Products : irix
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0804

    Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.... Read more

    Affected Products : interactive_story
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0848

    join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.... Read more

    Affected Products : fuse_talk
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0830

    6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.... Read more

    Affected Products : 6tunnel
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0671

    Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.... Read more

    Affected Products : aix
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0831

    Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.... Read more

    Affected Products : database_server
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0855

    Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.... Read more

    Affected Products : clearcase
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0820

    Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.... Read more

    Affected Products : ghttp
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0860

    Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Addre... Read more

    Affected Products : windows_2000 windows_xp
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0866

    Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access contr... Read more

    Affected Products : 12000_router
    • Published: Dec. 06, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 294530 Results