Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2000-0862

    Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information.... Read more

    Affected Products : spectra
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0883

    The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.... Read more

    Affected Products : mandrake_linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0859

    The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests.... Read more

    Affected Products : ntmail
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0824

    The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environ... Read more

    Affected Products : glibc linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0869

    The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.... Read more

    Affected Products : http_server suse_linux
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0831

    Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username.... Read more

    Affected Products : ftp\+\+_server
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0871

    Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.... Read more

    Affected Products : eftp
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0850

    Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.... Read more

    Affected Products : siteminder
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0881

    The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.... Read more

    Affected Products : lpplus
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0851

    Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.... Read more

    Affected Products : windows_2000
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0874

    Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).... Read more

    Affected Products : eudora
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2000-0864

    Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.... Read more

    Affected Products : linux esound
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0834

    The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client... Read more

    Affected Products : windows_2000
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0870

    Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.... Read more

    Affected Products : eftp
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0873

    netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.... Read more

    Affected Products : aix
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0829

    The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.... Read more

    Affected Products : linux tmpwatch
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0861

    Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.... Read more

    Affected Products : mailman
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0847

    Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.... Read more

    Affected Products : imap pine
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0857

    The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname.... Read more

    Affected Products : muh
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0849

    Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.... Read more

    Affected Products : windows_media_services
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293357 Results