Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2000-0804

    Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."... Read more

    Affected Products : firewall-1
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0854

    When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same dir... Read more

    Affected Products : office
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0813

    Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."... Read more

    Affected Products : firewall-1
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0866

    Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.... Read more

    Affected Products : interbase_superserver
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0853

    YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : yabb
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0874

    Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).... Read more

    Affected Products : eudora
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0883

    The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.... Read more

    Affected Products : mandrake_linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0876

    WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.... Read more

    Affected Products : wftpd wftpd_pro
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0859

    The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests.... Read more

    Affected Products : ntmail
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0824

    The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environ... Read more

    Affected Products : glibc linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0862

    Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information.... Read more

    Affected Products : spectra
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0807

    The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."... Read more

    Affected Products : firewall-1
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0869

    The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.... Read more

    Affected Products : http_server suse_linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0831

    Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username.... Read more

    Affected Products : ftp\+\+_server
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2000-0880

    LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdproces... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0871

    Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.... Read more

    Affected Products : eftp
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0850

    Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.... Read more

    Affected Products : siteminder
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0881

    The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0851

    Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.... Read more

    Affected Products : windows_2000
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0852

    Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges.... Read more

    Affected Products : freebsd
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293280 Results