Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.1

    LOW
    CVE-2001-0079

    Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.... Read more

    Affected Products : support_tools_manager
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2001-0059

    patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : solaris sunos
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0069

    dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.... Read more

    Affected Products : debian_linux
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0020

    Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : arrowpoint content_services_switch
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0084

    GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program.... Read more

    Affected Products : gtk
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0013

    Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.... Read more

    Affected Products : bind
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.1

    HIGH
    CVE-2001-0006

    The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the ... Read more

    Affected Products : windows_nt
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0096

    FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.... Read more

    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0098

    Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string.... Read more

    Affected Products : weblogic_server
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0004

    IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading v... Read more

    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0077

    The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.... Read more

    Affected Products : cluster
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0023

    everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.... Read more

    Affected Products : everythingform.cgi
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0008

    Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.... Read more

    Affected Products : firebird interbase
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0078

    in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.... Read more

    Affected Products : cluster
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2001-0060

    Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.... Read more

    Affected Products : stunnel
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1090

    Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.... Read more

    Affected Products : internet_information_server iis
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0048

    The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service... Read more

    Affected Products : windows_2000
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0061

    procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while... Read more

    Affected Products : freebsd
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2001-0102

    "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.... Read more

    Affected Products : macos
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2001-0105

    Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.... Read more

    Affected Products : hp-ux
    • Published: Feb. 12, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 294836 Results