Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0684

    BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.... Read more

    Affected Products : weblogic_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0683

    BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.... Read more

    Affected Products : weblogic_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0700

    Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force ... Read more

    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0800

    String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.... Read more

    Affected Products : suse_linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0759

    Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.... Read more

    Affected Products : tomcat
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0785

    WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file.... Read more

    Affected Products : irc_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0791

    Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.... Read more

    Affected Products : secure_linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0793

    Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.... Read more

    Affected Products : norton_antivirus client
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0563

    The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.... Read more

    Affected Products : mac_os_runtime_for_java
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0687

    Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.... Read more

    Affected Products : auction_weaver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0716

    WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.... Read more

    Affected Products : mdaemon
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0697

    The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.... Read more

    Affected Products : solaris solaris_answerbook2
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0735

    Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.... Read more

    Affected Products : becky_internet_mail
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0676

    Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.... Read more

    Affected Products : communicator
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0762

    The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.... Read more

    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0729

    FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.... Read more

    Affected Products : freebsd
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0789

    WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.... Read more

    Affected Products : winu
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0731

    Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : worm_webserver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0740

    Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.... Read more

    Affected Products : net_tools_pki_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0779

    Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.... Read more

    Affected Products : firewall-1
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 293588 Results