Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-1999-1104

    Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.... Read more

    Affected Products : windows_95
    • EPSS Score: %0.57
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1333

    automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.... Read more

    Affected Products : linux
    • EPSS Score: %1.23
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1035

    IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %18.09
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-1999-1167

    Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.... Read more

    Affected Products : third_voice_web
    • EPSS Score: %0.65
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0808

    Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.... Read more

    Affected Products : dhcp_client
    • EPSS Score: %1.58
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1094

    Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %6.93
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1339

    Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.... Read more

    Affected Products : linux_kernel freebsd
    • EPSS Score: %1.11
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1105

    Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.... Read more

    Affected Products : windows_95
    • EPSS Score: %48.73
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1233

    IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.... Read more

    Affected Products : internet_information_server
    • EPSS Score: %10.31
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 3.5

    LOW
    CVE-1999-1590

    Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.... Read more

    Affected Products : wwwcount
    • EPSS Score: %0.16
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1455

    RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authori... Read more

    Affected Products : windows_nt
    • EPSS Score: %6.95
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1102

    lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.... Read more

    Affected Products : sunos bsd irix a_ux
    • EPSS Score: %0.12
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1456

    thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.... Read more

    Affected Products : thttpd_http_server
    • EPSS Score: %1.08
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1462

    Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files.... Read more

    Affected Products : big_brother
    • EPSS Score: %1.42
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1464

    Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS ... Read more

    Affected Products : ios
    • EPSS Score: %0.35
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1175

    Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.... Read more

    Affected Products : ios
    • EPSS Score: %0.87
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1074

    Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.... Read more

    Affected Products : webmin
    • EPSS Score: %0.85
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-0001

    ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.... Read more

    Affected Products : freebsd openbsd bsd_os
    • EPSS Score: %1.42
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0076

    nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.... Read more

    Affected Products : debian_linux nvi
    • EPSS Score: %0.10
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0043

    Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.... Read more

    Affected Products : webcam_http_server
    • EPSS Score: %4.87
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 291878 Results