Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2000-0699

    Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.... Read more

    Affected Products : hp-ux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0791

    Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.... Read more

    Affected Products : secure_linux
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0785

    WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file.... Read more

    Affected Products : irc_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0778

    IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.... Read more

    Affected Products : internet_information_services iis
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0762

    The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.... Read more

    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0729

    FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.... Read more

    Affected Products : freebsd
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0680

    The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a... Read more

    Affected Products : cvs
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0686

    Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.... Read more

    Affected Products : auction_weaver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0787

    IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.... Read more

    Affected Products : xchat
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0783

    Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100.... Read more

    Affected Products : firebox
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0708

    Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.... Read more

    Affected Products : telnetserver
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-0758

    The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.... Read more

    Affected Products : list_manager
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0739

    Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.... Read more

    Affected Products : net_tools_pki_server
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0768

    A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.... Read more

    Affected Products : internet_explorer ie
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0780

    The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.... Read more

    Affected Products : imail
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0696

    The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI scr... Read more

    Affected Products : solaris solaris_answerbook2
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0777

    The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.... Read more

    Affected Products : money
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0756

    Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.... Read more

    Affected Products : outlook
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2000-0770

    IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalizat... Read more

    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2000-0726

    CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.... Read more

    Affected Products : mailers
    • Published: Oct. 20, 2000
    • Modified: Apr. 03, 2025
Showing 20 of 294860 Results