Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1150

    Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.... Read more

    Affected Products : felix
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-1146

    Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd.... Read more

    Affected Products : mantrap
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1126

    Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.... Read more

    Affected Products : hp-ux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1160

    NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.... Read more

    Affected Products : sniffer_agent
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1135

    fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack.... Read more

    Affected Products : debian_linux
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1094

    Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.... Read more

    Affected Products : aim
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-1037

    Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.... Read more

    Affected Products : sn_5420_storage_router_firmware
    • Published: Jan. 08, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0161

    Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.... Read more

    Affected Products : aironet
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2001-0163

    Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.... Read more

    Affected Products : aironet_ap340
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2001-0160

    Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages.... Read more

    Affected Products : wavelan orinoco_wavelan
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2001-0162

    WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.... Read more

    Affected Products : windows_embedded_compact
    • Published: Jan. 01, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1243

    Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers.... Read more

    Affected Products : shopping_cart
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1240

    Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the deta... Read more

    Affected Products : anyportal_php
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1227

    Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1231

    code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.... Read more

    Affected Products : phorum
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1237

    The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.... Read more

    Affected Products : ftgate
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1226

    Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demo... Read more

    Affected Products : snort
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1238

    BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.... Read more

    Affected Products : weblogic_server
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1228

    Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.... Read more

    Affected Products : phorum
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2000-1239

    The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data fi... Read more

    Affected Products : tivoli_management_framework
    • Published: Dec. 31, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294863 Results