Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-1999-1591

    Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstr... Read more

    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1355

    BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges.... Read more

    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1488

    sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.... Read more

    Affected Products : system_data_repository
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1043

    Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).... Read more

    Affected Products : exchange_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1279

    An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU.... Read more

    Affected Products : sna_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1364

    Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1474

    PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer.... Read more

    Affected Products : powerpoint
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1584

    Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerab... Read more

    Affected Products : sunos openwindows
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1360

    Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1339

    Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.... Read more

    Affected Products : linux_kernel freebsd
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1455

    RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authori... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1105

    Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.... Read more

    Affected Products : windows_95
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 3.5

    LOW
    CVE-1999-1590

    Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.... Read more

    Affected Products : wwwcount
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1358

    When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by t... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1451

    The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.... Read more

    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1316

    Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-1999-1587

    /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.... Read more

    Affected Products : solaris sunos
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1148

    FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.... Read more

    Affected Products : internet_information_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1325

    SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.... Read more

    Affected Products : sas_system
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1333

    automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.... Read more

    Affected Products : linux
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 293608 Results