Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1227

    Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1231

    code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.... Read more

    Affected Products : phorum
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1240

    Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the deta... Read more

    Affected Products : anyportal_php
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1244

    Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.... Read more

    Affected Products : inoculateit_agent_for_exchange
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2000-1242

    The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.... Read more

    Affected Products : powerchute
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-0307

    Buffer overflow in HP-UX cstm program allows local users to gain root privileges.... Read more

    Affected Products : hp-ux
    • Published: Dec. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0949

    Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.... Read more

    Affected Products : sunos linux lbl_traceroute
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0970

    IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking"... Read more

    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0929

    Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.... Read more

    Affected Products : windows_media_player
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0990

    cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username.... Read more

    Affected Products : cmd5checkpw
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0955

    Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.... Read more

    Affected Products : virtual_central_office_4000
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0991

    Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability.... Read more

    Affected Products : hyperterminal
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0979

    File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of ... Read more

    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0984

    The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.... Read more

    Affected Products : ios
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0971

    Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command.... Read more

    Affected Products : avirt_mail_server
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0969

    Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.... Read more

    Affected Products : half-life_dedicated_server
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0974

    GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.... Read more

    Affected Products : privacy_guard
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0958

    HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.... Read more

    Affected Products : hotjava_browser
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0963

    Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.... Read more

    Affected Products : freebsd ncurses linux immunix
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0933

    The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Reco... Read more

    Affected Products : windows_2000
    • Published: Dec. 19, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294837 Results