Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2001-0489

    Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands.... Read more

    Affected Products : gftp
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0481

    Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.... Read more

    Affected Products : mandrake_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0388

    time server daemon timed allows remote attackers to cause a denial of service via malformed packets.... Read more

    Affected Products : freebsd suse_linux mandrake_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-1164

    Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.... Read more

    Affected Products : unixware
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0487

    AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.... Read more

    Affected Products : aix_snmp
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0336

    The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.... Read more

    Affected Products : internet_information_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0450

    Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.... Read more

    Affected Products : broker_ftp_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0473

    Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.... Read more

    Affected Products : mutt linux linux mandrake_linux immunix
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0496

    kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.... Read more

    Affected Products : linux mandrake_linux
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2001-0484

    Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the p... Read more

    Affected Products : phaserlink
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2001-0361

    Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 vers... Read more

    Affected Products : openssh ssh
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0493

    Small HTTP server 2.03 allows remote attackers to cause a denial of service via a URL that contains an MS-DOS device name such as aux.... Read more

    Affected Products : small_http_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0329

    Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.... Read more

    Affected Products : bugzilla
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0490

    Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.... Read more

    Affected Products : winamp
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0366

    saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program.... Read more

    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0335

    FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.... Read more

    Affected Products : internet_information_server iis
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0475

    index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.... Read more

    Affected Products : vbulletin
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0485

    Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.... Read more

    Affected Products : irix
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0237

    Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data.... Read more

    Affected Products : windows_2000
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0480

    Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.... Read more

    Affected Products : alexs_ftp_server
    • Published: Jun. 27, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 293969 Results