Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0684

    BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %5.20
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0683

    BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.... Read more

    Affected Products : weblogic_server
    • EPSS Score: %0.60
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0746

    Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to t... Read more

    • EPSS Score: %11.72
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0707

    PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.... Read more

    Affected Products : mysqldatabase_admin_tool
    • EPSS Score: %0.85
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0759

    Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.... Read more

    Affected Products : tomcat
    • EPSS Score: %39.82
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1213

    ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.... Read more

    Affected Products : linux immunix iputils
    • EPSS Score: %0.53
    • Published: Oct. 18, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1214

    Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.... Read more

    Affected Products : linux immunix iputils
    • EPSS Score: %0.12
    • Published: Oct. 18, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1563

    Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.... Read more

    Affected Products : d435 d445
    • EPSS Score: %0.68
    • Published: Oct. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1204

    Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.... Read more

    Affected Products : http_server
    • EPSS Score: %4.01
    • Published: Oct. 13, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0816

    Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.... Read more

    Affected Products : linux
    • EPSS Score: %0.22
    • Published: Oct. 06, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1207

    userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL envi... Read more

    Affected Products : linux
    • EPSS Score: %0.15
    • Published: Sep. 30, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0354

    mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.... Read more

    Affected Products : mirror
    • EPSS Score: %0.73
    • Published: Sep. 28, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-0761

    Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.... Read more

    Affected Products : freebsd
    • EPSS Score: %0.06
    • Published: Sep. 16, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1079

    Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagr... Read more

    • EPSS Score: %11.15
    • Published: Aug. 29, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0545

    Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.... Read more

    Affected Products : mailx
    • EPSS Score: %0.20
    • Published: Aug. 08, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0278

    The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user.... Read more

    Affected Products : corporation_eviewer
    • EPSS Score: %4.02
    • Published: Aug. 03, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0668

    pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.... Read more

    Affected Products : linux linux pam_console
    • EPSS Score: %4.09
    • Published: Jul. 27, 2000
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2000-0667

    Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.... Read more

    Affected Products : linux
    • EPSS Score: %0.09
    • Published: Jul. 27, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0673

    The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.... Read more

    Affected Products : windows_2000 windows_nt
    • EPSS Score: %17.33
    • Published: Jul. 27, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0637

    Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability.... Read more

    Affected Products : excel
    • EPSS Score: %2.73
    • Published: Jul. 26, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 292762 Results