Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1027

    Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.... Read more

    Affected Products : pix_firewall_software
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1025

    eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is alre... Read more

    Affected Products : ewave_servletexec
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1015

    The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands.... Read more

    Affected Products : slashcode
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1040

    Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.... Read more

    Affected Products : suse_linux linux
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1072

    iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.... Read more

    Affected Products : iplanet_ical
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1037

    Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.... Read more

    Affected Products : firewall-1
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1002

    POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.... Read more

    Affected Products : communigate_pro
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1029

    Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.... Read more

    Affected Products : bind
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1050

    Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0999

    Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.... Read more

    Affected Products : openssh
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-1003

    NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.... Read more

    Affected Products : windows_95 windows_98 windows_98se
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1020

    Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL.... Read more

    Affected Products : mdaemon
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1008

    PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.... Read more

    Affected Products : palm_os
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1009

    dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.... Read more

    Affected Products : linux secure_linux
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1022

    The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.... Read more

    Affected Products : pix_firewall_software
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1051

    Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1013

    The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.... Read more

    Affected Products : freebsd
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1065

    Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet.... Read more

    Affected Products : jetdirect
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1038

    The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request.... Read more

    Affected Products : as400_firewall
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1062

    Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.... Read more

    Affected Products : jetdirect
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293505 Results