Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | |||||
| CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2016-10-17 | 5.0 MEDIUM | N/A |
| FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | |||||
| CVE-1999-1436 | 1 Ray Chan | 1 Www Authorization Gateway | 2016-10-17 | 7.5 HIGH | N/A |
| Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter. | |||||
| CVE-1999-1437 | 1 Ralf S. Engelschall | 1 Eperl | 2016-10-17 | 7.5 HIGH | N/A |
| ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml. | |||||
| CVE-1999-1397 | 1 Microsoft | 1 Index Server | 2016-10-17 | 7.5 HIGH | N/A |
| Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. | |||||
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2016-10-17 | 6.2 MEDIUM | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
| CVE-1999-1399 | 1 Sgi | 1 Irix | 2016-10-17 | 7.2 HIGH | N/A |
| spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. | |||||
| CVE-1999-1400 | 1 The Economist | 1 The Economist 1999 Screen Saver | 2016-10-17 | 2.1 LOW | N/A |
| The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked. | |||||
| CVE-1999-1410 | 1 Sgi | 1 Irix | 2016-10-17 | 6.2 MEDIUM | N/A |
| addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. | |||||
| CVE-1999-1405 | 1 Ibm | 1 Aix | 2016-10-17 | 10.0 HIGH | N/A |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | |||||
| CVE-1999-1406 | 1 Redhat | 1 Linux | 2016-10-17 | 2.1 LOW | N/A |
| dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2016-10-17 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2016-10-17 | 2.1 LOW | N/A |
| Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
| CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2016-10-17 | 2.1 LOW | N/A |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | |||||
| CVE-1999-1414 | 1 Ibm | 1 Netfinity Remote Control | 2016-10-17 | 7.2 HIGH | N/A |
| IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. | |||||
| CVE-1999-1420 | 1 N-base | 5 Nh2012, Nh2012r, Nh2015 and 2 more | 2016-10-17 | 10.0 HIGH | N/A |
| NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration. | |||||
| CVE-1999-1421 | 1 N-base | 2 Nh208, Nh215 | 2016-10-17 | 6.4 MEDIUM | N/A |
| NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names. | |||||
| CVE-1999-1422 | 1 Slackware | 1 Slackware Linux | 2016-10-17 | 7.2 HIGH | N/A |
| The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. | |||||
| CVE-1999-1430 | 1 Royal | 1 Davinci | 2016-10-17 | 2.1 LOW | N/A |
| PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access. | |||||
| CVE-1999-1429 | 1 Dit | 1 Transferpro | 2016-10-17 | 2.1 LOW | N/A |
| DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. | |||||