Search
127,949 CVEs · High severity
CVEs (127,949, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 276–300 of 127,949 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-1999-0477 | HIGH | 7.5 | 1999-12-25 | The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the… | |
| CVE-1999-0488 | HIGH | 7.5 | 1999-04-21 | Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vuln… | |
| CVE-1999-0489 | HIGH | 10.0 | 1999-05-17 | MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as describ… | |
| CVE-1999-0490 | HIGH | 7.5 | 1999-04-21 | MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. | |
| CVE-1999-0492 | HIGH | 10.0 | 1999-04-23 | The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. | |
| CVE-1999-0493 | HIGH | 7.5 | 1999-06-07 | rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit … | |
| CVE-1999-0495 | HIGH | 10.0 | 1999-01-01 | A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. | |
| CVE-1999-0496 | HIGH | 7.2 | 1997-01-01 | A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. | |
| CVE-1999-0498 | HIGH | 10.0 | 1991-09-27 | TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files. | |
| CVE-1999-0499 | HIGH | 7.5 | 1997-01-01 | NETBIOS share information may be published through SNMP registry keys in NT. | |
| CVE-1999-0502 | HIGH | 7.5 | 1998-03-01 | A Unix account has a default, null, blank, or missing password. | |
| CVE-1999-0503 | HIGH | 7.2 | 1997-01-01 | A Windows NT local user or administrator account has a guessable password. | |
| CVE-1999-0504 | HIGH | 7.5 | 1997-01-01 | A Windows NT local user or administrator account has a default, null, blank, or missing password. | |
| CVE-1999-0505 | HIGH | 7.2 | 1998-10-01 | A Windows NT domain user or administrator account has a guessable password. | |
| CVE-1999-0506 | HIGH | 7.2 | 1998-10-01 | A Windows NT domain user or administrator account has a default, null, blank, or missing password. | |
| CVE-1999-0507 | HIGH | 7.5 | 1998-04-01 | An account on a router, firewall, or other network device has a guessable password. | |
| CVE-1999-0509 | HIGH | 10.0 | 1996-05-29 | Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. | |
| CVE-1999-0510 | HIGH | 7.5 | 1997-01-01 | A router or firewall allows source routed packets from arbitrary hosts. | |
| CVE-1999-0512 | HIGH | 10.0 | 1999-01-01 | A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. | |
| CVE-1999-0515 | HIGH | 10.0 | 1999-01-01 | An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. | |
| CVE-1999-0516 | HIGH | 7.5 | 1998-08-01 | An SNMP community name is guessable. | |
| CVE-1999-0518 | HIGH | 7.5 | 1997-01-01 | A NETBIOS/SMB share password is guessable. | |
| CVE-1999-0519 | HIGH | 7.5 | 1997-01-01 | A NETBIOS/SMB share password is the default, null, or missing. | |
| CVE-1999-0521 | HIGH | 7.2 | 1997-01-01 | An NIS domain name is easily guessable. | |
| CVE-1999-0522 | HIGH | 7.2 | 1996-05-28 | The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. |