Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1492 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. | |||||
| CVE-1999-1477 | 2 Gnome, Mandrakesoft | 2 Gnome Libs, Mandrake Linux | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. | |||||
| CVE-1999-1474 | 1 Microsoft | 1 Powerpoint | 2017-12-19 | 7.5 HIGH | N/A |
| PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. | |||||
| CVE-1999-1470 | 1 Eastman Software | 1 Work Management | 2017-12-19 | 4.6 MEDIUM | N/A |
| Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges. | |||||
| CVE-1999-1467 | 1 Sun | 1 Sunos | 2017-12-19 | 10.0 HIGH | N/A |
| Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. | |||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2017-12-19 | 7.5 HIGH | N/A |
| Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | |||||
| CVE-1999-1464 | 1 Cisco | 1 Ios | 2017-12-19 | 7.5 HIGH | N/A |
| Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | |||||
| CVE-1999-1463 | 1 Microsoft | 1 Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session. | |||||
| CVE-1999-1459 | 1 Bmc | 1 Patrol Agent | 2017-12-19 | 7.2 HIGH | N/A |
| BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file. | |||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||||
| CVE-1999-1557 | 1 Ipswitch | 1 Imail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password. | |||||
| CVE-2001-0624 | 1 Qnx | 1 Qnx | 2017-12-19 | 2.1 LOW | N/A |
| QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos. | |||||
| CVE-2000-0857 | 1 Sebastian Kienzl | 1 Muh | 2017-12-19 | 7.5 HIGH | N/A |
| The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname. | |||||
| CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2017-12-19 | 2.1 LOW | N/A |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | |||||
| CVE-1999-1153 | 1 Hamcards Postcard Cgi | 1 Hamcards Postcard Cgi | 2017-12-19 | 7.5 HIGH | N/A |
| HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-2001-0614 | 1 Carello | 1 E-commerce | 2017-12-19 | 7.5 HIGH | N/A |
| Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL. | |||||
| CVE-2001-0608 | 1 Hp | 1 Mpe | 2017-12-19 | 7.5 HIGH | N/A |
| HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program. | |||||
| CVE-1999-1355 | 1 Compaq | 2 Insight Management Agent, Management Agents For Servers | 2017-12-19 | 7.5 HIGH | N/A |
| BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges. | |||||
| CVE-1999-1313 | 1 Freebsd | 1 Freebsd | 2017-12-19 | 4.6 MEDIUM | N/A |
| Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. | |||||
| CVE-1999-1312 | 1 Dec | 2 Dec Openvms Axp, Dec Openvms Vax | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges. | |||||
| CVE-1999-1291 | 1 Microsoft | 2 Windows 95, Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | |||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2017-12-19 | 7.5 HIGH | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | |||||
| CVE-1999-1287 | 1 Stephen Turner | 1 Analog | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface. | |||||
| CVE-1999-1286 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2017-12-19 | 2.1 LOW | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||||
| CVE-1999-1283 | 1 Opera Software | 1 Opera Web Browser | 2017-12-19 | 5.0 MEDIUM | N/A |
| Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-1999-1280 | 1 Hummingbird | 1 Exceed | 2017-12-19 | 7.5 HIGH | N/A |
| Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. | |||||
| CVE-1999-1295 | 1 Transarc | 1 Dce Distributed File System | 2017-12-19 | 4.6 MEDIUM | N/A |
| Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | |||||
| CVE-1999-1278 | 1 Nlog | 1 Nlog | 2017-12-19 | 7.5 HIGH | N/A |
| nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | |||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2017-12-19 | 4.6 MEDIUM | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
| CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2017-12-19 | 4.6 MEDIUM | N/A |
| Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-1999-1274 | 1 Ipass | 1 Roamserver | 2017-12-19 | 6.4 MEDIUM | N/A |
| iPass RoamServer 3.1 creates temporary files with world-writable permissions. | |||||
| CVE-1999-1292 | 1 Kolban | 1 Webcam32 | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL. | |||||
| CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2017-12-19 | 7.5 HIGH | N/A |
| Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | |||||
| CVE-1999-1272 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges. | |||||
| CVE-1999-1271 | 1 Macromedia | 1 Dreamweaver | 2017-12-19 | 2.1 LOW | N/A |
| Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users. | |||||
| CVE-1999-1270 | 1 Kde | 1 Kde | 2017-12-19 | 4.6 MEDIUM | N/A |
| KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | |||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2017-12-19 | 2.1 LOW | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
| CVE-1999-1268 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. | |||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | |||||
| CVE-1999-1261 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. | |||||
| CVE-1999-1260 | 1 Hughes | 1 Msql | 2017-12-19 | 7.5 HIGH | N/A |
| mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. | |||||
| CVE-1999-1257 | 1 Xyplex | 1 Maxserver Xyplex Terminal Server | 2017-12-19 | 7.5 HIGH | N/A |
| Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark). | |||||
| CVE-1999-1267 | 1 Kde | 1 Kde | 2017-12-19 | 5.0 MEDIUM | N/A |
| KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | |||||
| CVE-1999-1256 | 1 Oracle | 1 Database Assistant | 2017-12-19 | 4.6 MEDIUM | N/A |
| Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | |||||
| CVE-1999-1255 | 1 Ccs Network | 1 Hyperseek Search Engine | 2017-12-19 | 5.0 MEDIUM | N/A |
| Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. | |||||
| CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||||
| CVE-1999-1253 | 1 Sco | 2 Internet Faststart, Openserver | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges. | |||||