Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0240 | 2005-10-20 | 7.5 HIGH | N/A | ||
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. | |||||
| CVE-1999-0588 | 2005-10-20 | 7.5 HIGH | N/A | ||
| A filter in a router or firewall allows unusual fragmented packets. | |||||
| CVE-1999-0547 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An SSH server allows authentication through the .rhosts file. | |||||
| CVE-1999-0592 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The Logon box of a Windows NT system displays the name of the last user who logged in. | |||||
| CVE-1999-0591 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An event log in Windows NT has inappropriate access permissions. | |||||
| CVE-1999-0530 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | |||||
| CVE-1999-0662 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. | |||||
| CVE-1999-0197 | 2005-10-20 | 10.0 HIGH | N/A | ||
| finger 0@host on some systems may print information on some user accounts. | |||||
| CVE-1999-0663 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. | |||||
| CVE-1999-0944 | 2005-10-20 | 10.0 HIGH | N/A | ||
| IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. | |||||
| CVE-1999-0554 | 2005-10-20 | 10.0 HIGH | N/A | ||
| NFS exports system-critical data to the world, e.g. / or a password file. | |||||
| CVE-1999-0559 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A system-critical Unix file or directory has inappropriate permissions. | |||||
| CVE-1999-0561 | 2005-10-20 | 10.0 HIGH | N/A | ||
| IIS has the #exec function enabled for Server Side Include (SSI) files. | |||||
| CVE-1999-0698 | 2005-10-20 | 10.0 HIGH | N/A | ||
| Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. | |||||
| CVE-1999-0564 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. | |||||
| CVE-1999-0580 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. | |||||
| CVE-1999-0664 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An application-critical Windows NT registry key has inappropriate permissions. | |||||
| CVE-1999-0394 | 2005-10-20 | 10.0 HIGH | N/A | ||
| DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | |||||
| CVE-1999-0640 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The Gopher service is running. | |||||
| CVE-1999-0630 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The NT Alerter and Messenger services are running. | |||||
| CVE-1999-0198 | 2005-10-20 | 10.0 HIGH | N/A | ||
| finger .@host on some systems may print information on some user accounts. | |||||
| CVE-1999-0527 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. | |||||
| CVE-1999-0539 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A trust relationship exists between two Unix hosts. | |||||
| CVE-1999-0361 | 2005-10-20 | 10.0 HIGH | N/A | ||
| NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. | |||||
| CVE-1999-0596 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A Windows NT log file has an inappropriate maximum size or retention period. | |||||
| CVE-1999-0220 | 2005-10-20 | 10.0 HIGH | N/A | ||
| Attackers can do a denial of service of IRC by crashing the server. | |||||
| CVE-1999-0529 | 2005-10-20 | 7.5 HIGH | N/A | ||
| A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. | |||||
| CVE-1999-0512 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. | |||||
| CVE-1999-0584 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A Windows NT file system is not NTFS. | |||||
| CVE-1999-0583 | 2005-10-20 | 10.0 HIGH | N/A | ||
| There is a one-way or two-way trust relationship between Windows NT domains. | |||||
| CVE-1999-0121 | 2005-10-20 | 7.2 HIGH | N/A | ||
| Buffer overflow in dtaction command gives root access. | |||||
| CVE-1999-0665 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An application-critical Windows NT registry key has an inappropriate value. | |||||
| CVE-1999-0555 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A Unix account with a name other than "root" has UID 0, i.e. root privileges. | |||||
| CVE-1999-0587 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data. | |||||
| CVE-1999-0589 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A system-critical Windows NT registry key has inappropriate permissions. | |||||
| CVE-1999-0255 | 2005-10-20 | 10.0 HIGH | N/A | ||
| Buffer overflow in ircd allows arbitrary command execution. | |||||
| CVE-1999-0515 | 2005-10-20 | 10.0 HIGH | N/A | ||
| An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. | |||||
| CVE-1999-0397 | 2005-10-20 | 10.0 HIGH | N/A | ||
| The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. | |||||
| CVE-1999-0569 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. | |||||
| CVE-1999-0571 | 2005-10-20 | 10.0 HIGH | N/A | ||
| A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. | |||||
| CVE-2001-0291 | 2005-10-20 | 10.0 HIGH | N/A | ||
| Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters. | |||||
| CVE-2000-0889 | 2005-10-20 | 5.1 MEDIUM | N/A | ||
| Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. | |||||
| CVE-2003-0565 | 2005-10-20 | 5.0 MEDIUM | N/A | ||
| Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
| CVE-1999-0935 | 2005-05-02 | 10.0 HIGH | N/A | ||
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | |||||
| CVE-1999-0937 | 2005-05-02 | 10.0 HIGH | N/A | ||
| BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. | |||||
| CVE-1999-0936 | 2005-05-02 | 10.0 HIGH | N/A | ||
| BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. | |||||