Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0105

    Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.... Read more

    Affected Products : hp-ux
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0078

    in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.... Read more

    Affected Products : cluster
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0060

    Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.... Read more

    Affected Products : stunnel
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0061

    procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while... Read more

    Affected Products : freebsd
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0102

    "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.... Read more

    Affected Products : macos
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0094

    Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.... Read more

    Affected Products : freebsd
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0072

    gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.... Read more

    Affected Products : privacy_guard
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0026

    rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.... Read more

    Affected Products : pppoe
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0025

    ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.... Read more

    Affected Products : ad.cgi
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0895

    Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request.... Read more

    Affected Products : soho_firewall
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0003

    Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka... Read more

    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0096

    FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.... Read more

    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0098

    Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string.... Read more

    Affected Products : weblogic_server
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0013

    Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.... Read more

    Affected Products : bind
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0007

    Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface.... Read more

    Affected Products : screen_os
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0083

    Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 does not properly shut down some types of connections, producing a memory leak that allows remote attackers to cause a denial of service via a series of severed connections, aka the "Seve... Read more

    Affected Products : windows_media_services
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0086

    CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.... Read more

    Affected Products : subscribe_me_lite
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2001-0006

    The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the ... Read more

    Affected Products : windows_nt
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0064

    Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string.... Read more

    Affected Products : mdaemon
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0075

    Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.... Read more

    Affected Products : technote
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 294836 Results