Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-1046

    Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.... Read more

    Affected Products : domino
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1031

    Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.... Read more

    Affected Products : hp-ux tru64
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2000-1061

    Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web... Read more

    Affected Products : ie
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-1045

    nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.... Read more

    Affected Products : nss_ldap
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-1069

    pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.... Read more

    Affected Products : poll_it poll_it_pro
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1049

    Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.... Read more

    Affected Products : jrun
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1035

    Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command.... Read more

    Affected Products : typsoft
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1006

    Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.... Read more

    Affected Products : exchange_server
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1019

    Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL.... Read more

    Affected Products : search_software
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1032

    The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.... Read more

    Affected Products : firewall-1
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0998

    Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.... Read more

    Affected Products : freebsd
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1078

    ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character.... Read more

    Affected Products : icq_web_front
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-1047

    Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.... Read more

    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1005

    Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.... Read more

    Affected Products : extropia_webstore
    • Published: Dec. 11, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1222

    AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.... Read more

    Affected Products : aix
    • Published: Dec. 10, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1224

    Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.... Read more

    Affected Products : resin
    • Published: Nov. 23, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1217

    Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited... Read more

    Affected Products : windows_2000
    • Published: Nov. 21, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1223

    quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.... Read more

    Affected Products : quikstore
    • Published: Nov. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0860

    The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.... Read more

    Affected Products : php
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0806

    The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."... Read more

    Affected Products : firewall-1
    • Published: Nov. 14, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294835 Results