Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2001-1263

    telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow.... Read more

    Affected Products : interaccess
    • Published: Jun. 06, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-1088

    Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could al... Read more

    Affected Products : outlook outlook_express
    • Published: Jun. 05, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1345

    bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.... Read more

    Affected Products : bestcrypt
    • Published: Jun. 05, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0258

    The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters.... Read more

    Affected Products : easycom_safecom_print_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0254

    FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command.... Read more

    Affected Products : ftp\+\+_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0156

    VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.... Read more

    Affected Products : vshell
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0315

    The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key.... Read more

    Affected Products : mirc
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2001-0150

    Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services f... Read more

    Affected Products : internet_explorer
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0217

    Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.... Read more

    Affected Products : webpals
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0310

    sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts.... Read more

    Affected Products : freebsd
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0313

    Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings (echo requests) to the networ... Read more

    Affected Products : firewall_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0250

    The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.... Read more

    Affected Products : enterprise_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0256

    FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username.... Read more

    Affected Products : ftp\+\+_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0312

    IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere ... Read more

    Affected Products : websphere_plugin
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0148

    The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability.... Read more

    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0164

    Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.... Read more

    Affected Products : directory_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0260

    Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.... Read more

    Affected Products : domino_mail_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2001-0259

    ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.... Read more

    Affected Products : ssh
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0252

    iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.... Read more

    Affected Products : iplanet_enterprise_server
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0157

    Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.... Read more

    Affected Products : palm_os
    • Published: Jun. 02, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293640 Results