Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2000-0901

    Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable.... Read more

    Affected Products : weigert_screen
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0887

    named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."... Read more

    Affected Products : bind
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0923

    authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.... Read more

    Affected Products : aplio_phone
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0919

    Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : phpix
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0961

    Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.... Read more

    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0909

    Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.... Read more

    Affected Products : linux pine
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0922

    Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.... Read more

    Affected Products : web_shopper
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0977

    mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.... Read more

    Affected Products : mail_file
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0920

    Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."... Read more

    Affected Products : boa_webserver
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0947

    Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.... Read more

    Affected Products : cfengine
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0811

    Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.... Read more

    Affected Products : auction_weaver
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0900

    Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.... Read more

    Affected Products : thttpd
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0912

    MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter.... Read more

    Affected Products : multihtml
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0932

    MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service.... Read more

    Affected Products : mailsweeper_for_smtp
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0940

    Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter.... Read more

    Affected Products : pagelog.cgi
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0938

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server.... Read more

    Affected Products : samba
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0885

    Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Proto... Read more

    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0928

    WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.... Read more

    Affected Products : diskadvisor
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0924

    Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.... Read more

    Affected Products : master_index
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0903

    Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : voyager
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293284 Results