Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2000-0726

    CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.... Read more

    Affected Products : mailers
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0749

    Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system.... Read more

    Affected Products : freebsd
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0691

    The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.... Read more

    Affected Products : linux mgetty
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0734

    eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.... Read more

    Affected Products : iris capturenet
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0679

    The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.... Read more

    Affected Products : cvs
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0764

    Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet.... Read more

    Affected Products : express_8100
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2000-0719

    VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.... Read more

    Affected Products : varicad
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0695

    Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.... Read more

    Affected Products : raptor_gfx_pgx32
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2000-0031

    The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.... Read more

    Affected Products : linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0683

    BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.... Read more

    Affected Products : weblogic_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0759

    Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.... Read more

    Affected Products : tomcat
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0800

    String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.... Read more

    Affected Products : suse_linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0778

    IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.... Read more

    Affected Products : internet_information_services iis
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0732

    Worm HTTP server allows remote attackers to cause a denial of service via a long URL.... Read more

    Affected Products : worm_webserver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2000-0722

    Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages.... Read more

    Affected Products : gnome_updater
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0748

    OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.... Read more

    Affected Products : openldap
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0694

    pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.... Read more

    Affected Products : raptor_gfx_pgx32
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0767

    The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.... Read more

    Affected Products : internet_explorer
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0689

    Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.... Read more

    Affected Products : account_manager
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0705

    ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : ntop
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293515 Results