Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-1999-0999

    Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.... Read more

    Affected Products : sql_server
    • EPSS Score: %15.57
    • Published: Nov. 19, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1475

    ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.... Read more

    Affected Products : proftpd
    • EPSS Score: %0.10
    • Published: Nov. 19, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0987

    Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.... Read more

    Affected Products : windows_nt
    • EPSS Score: %5.51
    • Published: Nov. 18, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0352

    Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.... Read more

    Affected Products : pine
    • EPSS Score: %2.47
    • Published: Nov. 18, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1519

    Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.... Read more

    Affected Products : g6_ftp_server
    • EPSS Score: %4.72
    • Published: Nov. 17, 1999
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-1999-0793

    Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.09
    • Published: Nov. 17, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1092

    tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.... Read more

    Affected Products : tin
    • EPSS Score: %0.06
    • Published: Nov. 17, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0073

    Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.... Read more

    Affected Products : windows_2000 windows_98 windows_nt
    • EPSS Score: %16.57
    • Published: Nov. 17, 1999
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-1999-1549

    Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file an... Read more

    Affected Products : lynx
    • EPSS Score: %0.21
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1457

    Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.... Read more

    Affected Products : thttpd_http_server
    • EPSS Score: %1.21
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1508

    Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.... Read more

    • EPSS Score: %2.86
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1051

    Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attac... Read more

    Affected Products : formhandler.cgi
    • EPSS Score: %0.96
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1190

    Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.... Read more

    Affected Products : emailclub
    • EPSS Score: %4.85
    • Published: Nov. 15, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1528

    ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session.... Read more

    Affected Products : netware_client
    • EPSS Score: %0.07
    • Published: Nov. 14, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1110

    Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.50
    • Published: Nov. 14, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0165

    The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.... Read more

    Affected Products : delegate
    • EPSS Score: %8.47
    • Published: Nov. 13, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1050

    Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.... Read more

    Affected Products : formhandler.cgi
    • EPSS Score: %4.82
    • Published: Nov. 12, 1999
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2000-0330

    The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.... Read more

    Affected Products : windows_95 windows_98 windows-9x
    • EPSS Score: %22.85
    • Published: Nov. 12, 1999
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2000-0329

    A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.... Read more

    • EPSS Score: %8.05
    • Published: Nov. 11, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1511

    Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Con... Read more

    Affected Products : xtramail
    • EPSS Score: %1.75
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291712 Results