Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-1046

    Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.... Read more

    Affected Products : domino
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1018

    shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file.... Read more

    Affected Products : shred
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1000

    Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters.... Read more

    Affected Products : instant_messenger
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1058

    Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browse... Read more

    Affected Products : openview_network_node_manager
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1026

    Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.... Read more

    Affected Products : tcpdump
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1073

    csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.... Read more

    Affected Products : iplanet_ical
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1049

    Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1222

    AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.... Read more

    Affected Products : aix
    • Published: Dec. 10, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1224

    Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.... Read more

    Affected Products : resin
    • Published: Nov. 23, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1217

    Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited... Read more

    Affected Products : windows_2000
    • Published: Nov. 21, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1223

    quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.... Read more

    Affected Products : quikstore
    • Published: Nov. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0837

    FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes.... Read more

    Affected Products : ftp_serv-u
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0846

    Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.... Read more

    Affected Products : darxite
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0858

    Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.... Read more

    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0865

    Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument.... Read more

    Affected Products : doublevision
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0877

    mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.... Read more

    Affected Products : mailform
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0833

    Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.... Read more

    Affected Products : winsmtp
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0860

    The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.... Read more

    Affected Products : php
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0849

    Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.... Read more

    Affected Products : windows_media_services
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0873

    netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.... Read more

    Affected Products : aix
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results