Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-0253

    Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter.... Read more

    Affected Products : hyperseek
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0211

    Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter.... Read more

    Affected Products : webspirs
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0224

    Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.... Read more

    Affected Products : muscat_empower
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0146

    IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.... Read more

    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0157

    Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.... Read more

    Affected Products : palm_os
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0164

    Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.... Read more

    Affected Products : directory_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0216

    PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.... Read more

    Affected Products : webpals
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0252

    iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.... Read more

    Affected Products : iplanet_enterprise_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0300

    oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.... Read more

    Affected Products : internet_directory
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0251

    The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.... Read more

    Affected Products : enterprise_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0214

    Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.... Read more

    Affected Products : way-board
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0220

    Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.... Read more

    Affected Products : ja-elvis ko-helvis
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0299

    Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL.... Read more

    Affected Products : ip440_firewall_vpn_appliance
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0221

    Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.... Read more

    Affected Products : ja-xklock
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0206

    Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.... Read more

    Affected Products : serverworx
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0260

    Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.... Read more

    Affected Products : domino_mail_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0225

    fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.... Read more

    Affected Products : infobot
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0210

    Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter.... Read more

    Affected Products : commerce.cgi
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-0259

    ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.... Read more

    Affected Products : ssh
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0318

    Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).... Read more

    Affected Products : proftpd
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293613 Results