Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-0975

    Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : foundation_directory
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0982

    Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Crede... Read more

    Affected Products : internet_explorer
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0817

    Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote attackers to execute arbitrary commands via malformed data, aka the "Netmon Protocol Parsing" vulnerability.... Read more

    Affected Products : network_monitor
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0811

    Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.... Read more

    Affected Products : auction_weaver
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0940

    Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter.... Read more

    Affected Products : pagelog.cgi
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0995

    Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.... Read more

    Affected Products : openbsd
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0904

    Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information.... Read more

    Affected Products : voyager
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2000-0972

    HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.... Read more

    Affected Products : hp-ux
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0962

    The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.... Read more

    Affected Products : openbsd
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0987

    Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter.... Read more

    Affected Products : internet_directory oracle8i
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0989

    Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username.... Read more

    Affected Products : inbusiness_email_station
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0935

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.... Read more

    Affected Products : samba
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0947

    Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.... Read more

    Affected Products : cfengine
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0950

    Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name.... Read more

    Affected Products : internet_firewall_toolkit
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0953

    Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.... Read more

    Affected Products : shambala_server
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0963

    Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.... Read more

    Affected Products : freebsd ncurses linux immunix
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0984

    The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.... Read more

    Affected Products : ios
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0971

    Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command.... Read more

    Affected Products : avirt_mail_server
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0969

    Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.... Read more

    Affected Products : half-life_dedicated_server
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0974

    GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.... Read more

    Affected Products : privacy_guard
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293508 Results