Export limit exceeded: 358984 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358984 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1210 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access. | ||||
| CVE-1999-1211 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges. | ||||
| CVE-1999-0489 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | ||||
| CVE-1999-1216 | 1 Cisco | 1 Router | 2026-04-16 | N/A |
| Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. | ||||
| CVE-1999-1217 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories. | ||||
| CVE-1999-1218 | 1 Commodore | 1 Amiga Unix | 2026-04-16 | N/A |
| Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files. | ||||
| CVE-1999-1219 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | ||||
| CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2026-04-16 | N/A |
| Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | ||||
| CVE-2002-0353 | 2 Ethereal Group, Redhat | 3 Ethereal, Linux, Powertools | 2026-04-16 | N/A |
| The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | ||||
| CVE-2002-0848 | 1 Cisco | 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software | 2026-04-16 | N/A |
| Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing. | ||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | ||||
| CVE-1999-1238 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges. | ||||
| CVE-1999-1074 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | ||||
| CVE-1999-1073 | 1 Excite | 1 Ews | 2026-04-16 | N/A |
| Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | ||||
| CVE-1999-1071 | 1 Excite | 1 Ews | 2026-04-16 | N/A |
| Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | ||||
| CVE-1999-1070 | 1 Xylogics | 1 Annex | 2026-04-16 | N/A |
| Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter. | ||||
| CVE-1999-1067 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities. | ||||
| CVE-1999-1066 | 1 Sgi | 1 Quake 1 Server | 2026-04-16 | N/A |
| Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request. | ||||
| CVE-1999-1065 | 1 Palm Pilot | 1 Hotsync Manager | 2026-04-16 | N/A |
| Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. | ||||
| CVE-1999-0439 | 2 Caldera, Procmail | 2 Openlinux, Procmail | 2026-04-16 | N/A |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. | ||||