Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-1999-1167

    Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.... Read more

    Affected Products : third_voice_web
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1586

    loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.... Read more

    Affected Products : sunos
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1444

    genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext.... Read more

    Affected Products : alibaba
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-0808

    Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.... Read more

    Affected Products : dhcp_client
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-1999-1307

    Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.... Read more

    Affected Products : unixware
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1035

    IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.... Read more

    Affected Products : internet_information_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1246

    Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.... Read more

    Affected Products : site_server
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-1999-1358

    When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by t... Read more

    Affected Products : windows_2000 windows_nt
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-1999-1290

    Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.... Read more

    Affected Products : nftp
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-1999-1588

    Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.... Read more

    Affected Products : solaris
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-1999-1100

    Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper ke... Read more

    Affected Products : pix_private_link
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-1472

    Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.... Read more

    Affected Products : internet_explorer
    • Published: Dec. 31, 1999
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2000-0076

    nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.... Read more

    Affected Products : debian_linux nvi
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-0043

    Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.... Read more

    Affected Products : webcam_http_server
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0003

    Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.... Read more

    Affected Products : unixware
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-1999-0001

    ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.... Read more

    Affected Products : freebsd openbsd bsd_os
    • Published: Dec. 30, 1999
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-0039

    AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.... Read more

    Affected Products : search_intranet
    • Published: Dec. 29, 1999
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2000-0042

    Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.... Read more

    Affected Products : mail_server
    • Published: Dec. 29, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0100

    The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.... Read more

    Affected Products : systems_management_server
    • Published: Dec. 29, 1999
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-0009

    The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.... Read more

    Affected Products : optivity_net_architect
    • Published: Dec. 29, 1999
    • Modified: Apr. 03, 2025
Showing 20 of 294853 Results