Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-1999-1359

    When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1317

    Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1320

    Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.... Read more

    Affected Products : netware
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1589

    Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.... Read more

    Affected Products : aix
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1094

    Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-1999-1335

    snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.... Read more

    Affected Products : linux
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1104

    Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.... Read more

    Affected Products : windows_95
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-1999-1093

    Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-0815

    Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1124

    HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the req... Read more

    Affected Products : coldfusion
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1084

    The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.... Read more

    Affected Products : windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1177

    Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation.... Read more

    Affected Products : nph-publish
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1456

    thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.... Read more

    Affected Products : thttpd_http_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-1999-1386

    Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.... Read more

    Affected Products : perl
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1473

    When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1585

    The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.... Read more

    Affected Products : sunos
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 1.2

    LOW
    CVE-1999-1042

    Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.... Read more

    Affected Products : resource_manager
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1074

    Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.... Read more

    Affected Products : webmin
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1175

    Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.... Read more

    Affected Products : ios
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1451

    The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.... Read more

    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 294072 Results