Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2000-1166

    Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP (PHP3) code by specifying an alternate vhosts as an argument to the index.php3 program.... Read more

    Affected Products : twig
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1165

    Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.... Read more

    Affected Products : syslog-ng
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1150

    Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.... Read more

    Affected Products : felix
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1163

    ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another ... Read more

    Affected Products : ghostscript
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1151

    Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.... Read more

    Affected Products : baxter
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1097

    The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page.... Read more

    Affected Products : soho_firewall
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1039

    Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, ak... Read more

    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1125

    restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.... Read more

    Affected Products : linux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1086

    The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which ... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1083

    The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an at... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1102

    PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.... Read more

    Affected Products : ptlink_irc_services ptlink_ircd
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1098

    The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.... Read more

    Affected Products : soho_firewall
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0899

    Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests.... Read more

    Affected Products : small_http_server
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1137

    GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.... Read more

    Affected Products : ed linux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 3.7

    LOW
    CVE-2000-1162

    ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.... Read more

    Affected Products : ghostscript
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1139

    The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability.... Read more

    Affected Products : exchange_server
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1085

    The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1146

    Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2000-1178

    Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.... Read more

    Affected Products : linux joe
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1108

    cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TT... Read more

    Affected Products : midnight_commander
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 294836 Results