Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-1999-1051

    Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attac... Read more

    Affected Products : formhandler.cgi
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-1999-1549

    Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file an... Read more

    Affected Products : lynx
    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1508

    Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.... Read more

    • Published: Nov. 16, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1190

    Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.... Read more

    Affected Products : emailclub
    • Published: Nov. 15, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1528

    ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session.... Read more

    Affected Products : netware_client
    • Published: Nov. 14, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1110

    Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.... Read more

    Affected Products : internet_explorer
    • Published: Nov. 14, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0165

    The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.... Read more

    Affected Products : delegate
    • Published: Nov. 13, 1999
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2000-0330

    The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.... Read more

    Affected Products : windows_95 windows_98 windows-9x
    • Published: Nov. 12, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1050

    Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.... Read more

    Affected Products : formhandler.cgi
    • Published: Nov. 12, 1999
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2000-0329

    A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.... Read more

    • Published: Nov. 11, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1511

    Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Con... Read more

    Affected Products : xtramail
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-0848

    Denial of service in BIND named via consuming more than "fdmax" file descriptors.... Read more

    Affected Products : solaris sunos bind
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0833

    Buffer overflow in BIND 8.2 via NXT records.... Read more

    Affected Products : solaris sunos bind
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0835

    Denial of service in BIND named via malformed SIG records.... Read more

    Affected Products : aix sunos unixware openserver
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-0837

    Denial of service in BIND by improperly closing TCP sessions via so_linger.... Read more

    Affected Products : solaris sunos bind
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-0849

    Denial of service in BIND named via maxdname.... Read more

    Affected Products : bind
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-0851

    Denial of service in BIND named via naptr.... Read more

    Affected Products : aix sunos unixware openserver
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1539

    Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password.... Read more

    Affected Products : qvt_net qvt_term_plus
    • Published: Nov. 10, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1112

    Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.... Read more

    Affected Products : irfanview
    • Published: Nov. 09, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1111

    Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return address instead of using a buffer overflow to reach t... Read more

    Affected Products : stackguard
    • Published: Nov. 09, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 292803 Results