Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2000-0766

    Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request.... Read more

    Affected Products : vqserver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0714

    umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.... Read more

    Affected Products : scheme
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0733

    Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.... Read more

    Affected Products : irix
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0750

    Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.... Read more

    Affected Products : netbsd openbsd linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0718

    A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.... Read more

    Affected Products : mandrake_linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0798

    The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.... Read more

    Affected Products : irix
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0772

    The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.... Read more

    Affected Products : messaging_management_system
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0773

    Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.... Read more

    Affected Products : java_http_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0753

    The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.... Read more

    Affected Products : outlook
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0769

    O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.... Read more

    Affected Products : website_pro
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2000-0724

    The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.... Read more

    Affected Products : go-gnome_pre-installer
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0720

    news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and... Read more

    Affected Products : gwscripts_news_publisher
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0782

    netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : netauth
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0784

    sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.... Read more

    Affected Products : rapidstream
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0786

    GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.... Read more

    Affected Products : userv
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0692

    ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.... Read more

    Affected Products : realsecure
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0776

    Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request.... Read more

    Affected Products : statistics_server_livestats
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0745

    admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.... Read more

    Affected Products : php-nuke
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0699

    Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.... Read more

    Affected Products : hp-ux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-2000-0723

    Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.... Read more

    Affected Products : gnome_installer
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294860 Results