Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-1999-1206

    SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a m... Read more

    Affected Products : systemwizard
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1094

    Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1334

    Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument.... Read more

    Affected Products : elm
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1132

    Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1472

    Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1043

    Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).... Read more

    Affected Products : exchange_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1279

    An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU.... Read more

    Affected Products : sna_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1364

    Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1474

    PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer.... Read more

    Affected Products : powerpoint
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1586

    loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.... Read more

    Affected Products : sunos
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1035

    IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.... Read more

    Affected Products : internet_information_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1307

    Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.... Read more

    Affected Products : unixware
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1444

    genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext.... Read more

    Affected Products : alibaba
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0808

    Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.... Read more

    Affected Products : dhcp_client
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-1999-1167

    Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.... Read more

    Affected Products : third_voice_web
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1105

    Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.... Read more

    Affected Products : windows_95
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1100

    Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper ke... Read more

    Affected Products : pix_private_link
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1246

    Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.... Read more

    Affected Products : site_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-1999-1290

    Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.... Read more

    Affected Products : nftp
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 3.5

    LOW
    CVE-1999-1590

    Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.... Read more

    Affected Products : wwwcount
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 293408 Results