Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1075

    Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.... Read more

    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1057

    Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1054

    Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.... Read more

    Affected Products : secure_access_control_server
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1037

    Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.... Read more

    Affected Products : firewall-1
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1066

    The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.... Read more

    Affected Products : freebsd
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1077

    Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension.... Read more

    Affected Products : iplanet_web_server
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1042

    Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.... Read more

    Affected Products : mandrake_linux
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1023

    The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program.... Read more

    Affected Products : control_panel
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1024

    eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.... Read more

    Affected Products : ewave_servletexec
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1052

    Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1001

    add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.... Read more

    Affected Products : element_instantshop
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1014

    Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.... Read more

    Affected Products : unixware
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1030

    CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server.... Read more

    Affected Products : corporatetime_for_the_web
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1070

    pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information.... Read more

    Affected Products : poll_it poll_it_pro
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1063

    Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.... Read more

    Affected Products : jetdirect
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1049

    Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0999

    Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.... Read more

    Affected Products : openssh
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1038

    The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request.... Read more

    Affected Products : as400_firewall
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1013

    The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.... Read more

    Affected Products : freebsd
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1051

    Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293640 Results