Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-1032

    admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an u... Read more

    Affected Products : php-nuke
    • Published: Sep. 24, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1034

    Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.... Read more

    Affected Products : freebsd
    • Published: Sep. 23, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0955

    Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KD... Read more

    Affected Products : linux x11r6
    • Published: Sep. 22, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-1023

    Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header.... Read more

    Affected Products : xcache
    • Published: Sep. 21, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0940

    Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name.... Read more

    Affected Products : firewall-1 vpn-1_firewall-1
    • Published: Sep. 21, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0649

    Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request.... Read more

    Affected Products : personal_web_sharing
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-1029

    libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alterna... Read more

    Affected Products : openssh freebsd
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0507

    IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.... Read more

    Affected Products : internet_information_services iis
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0645

    Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.... Read more

    Affected Products : netprowler
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0677

    Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.... Read more

    Affected Products : eudora
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0702

    Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command.... Read more

    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0643

    Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.... Read more

    Affected Products : internet_explorer
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0650

    Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.... Read more

    Affected Products : ios
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0636

    Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2) execute arbitrary commands via long HTTP queries in th... Read more

    Affected Products : silentrunner
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0642

    Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.... Read more

    Affected Products : incredimail
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0508

    Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request.... Read more

    Affected Products : internet_information_services iis
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0686

    Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable.... Read more

    Affected Products : solaris
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0689

    Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program.... Read more

    Affected Products : virus_control_system
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0694

    Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.... Read more

    Affected Products : wftpd
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0699

    Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.... Read more

    Affected Products : solaris sunos
    • Published: Sep. 20, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 294516 Results