Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2000-1087

    The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which ... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2000-1105

    The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.... Read more

    Affected Products : indexing_service
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1116

    Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long command.... Read more

    Affected Products : broker_ftp_server
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1138

    Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.... Read more

    Affected Products : lotus_notes
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1095

    modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.... Read more

    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1144

    Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1137

    GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.... Read more

    Affected Products : ed linux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1109

    Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the command... Read more

    Affected Products : midnight_commander
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1188

    Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter.... Read more

    Affected Products : quikstore
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1150

    Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.... Read more

    Affected Products : felix
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1126

    Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.... Read more

    Affected Products : hp-ux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1160

    NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.... Read more

    Affected Products : sniffer_agent
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1085

    The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows... Read more

    Affected Products : sql_server sql_server data_engine
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1037

    Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • Published: Jan. 08, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0163

    Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.... Read more

    Affected Products : aironet_ap340
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0161

    Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.... Read more

    Affected Products : aironet
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0160

    Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages.... Read more

    Affected Products : wavelan orinoco_wavelan
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0162

    WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.... Read more

    Affected Products : windows_embedded_compact
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1235

    The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.... Read more

    Affected Products : application_server
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1237

    The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.... Read more

    Affected Products : ftgate
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294850 Results