Search
153,552 CVEs · Medium severity
CVEs (153,552, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 326–350 of 153,552 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-1999-1015 | MEDIUM | 5.0 | 1998-04-08 | Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |
| CVE-1999-1016 | MEDIUM | 5.0 | 1999-08-27 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web … | |
| CVE-1999-1022 | MEDIUM | 6.2 | 1994-10-02 | serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain r… | |
| CVE-1999-1023 | MEDIUM | 4.6 | 1999-06-10 | useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their ac… | |
| CVE-1999-1025 | MEDIUM | 4.6 | 1998-11-12 | CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with … | |
| CVE-1999-1028 | MEDIUM | 5.0 | 1999-05-28 | Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631. | |
| CVE-1999-1030 | MEDIUM | 5.0 | 1999-05-19 | counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter … | |
| CVE-1999-1031 | MEDIUM | 5.0 | 1999-05-19 | counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument. | |
| CVE-1999-1033 | MEDIUM | Patched | 5.0 | 1999-05-11 | Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command… |
| CVE-1999-1035 | MEDIUM | 5.0 | 1999-12-31 | IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | |
| CVE-1999-1043 | MEDIUM | 5.0 | 1999-12-31 | Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of servi… | |
| CVE-1999-1044 | MEDIUM | Patched | 4.6 | 1998-05-07 | Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. |
| CVE-1999-1048 | MEDIUM | 4.6 | 1998-09-05 | Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into th… | |
| CVE-1999-1050 | MEDIUM | 5.0 | 1999-11-12 | Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach a… | |
| CVE-1999-1051 | MEDIUM | 5.0 | 1999-11-16 | Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which… | |
| CVE-1999-1052 | MEDIUM | 5.0 | 1999-08-24 | Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remot… | |
| CVE-1999-1054 | MEDIUM | 5.0 | 1998-09-25 | The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command. | |
| CVE-1999-1057 | MEDIUM | Patched | 4.6 | 1990-10-25 | VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command. |
| CVE-1999-1060 | MEDIUM | 5.0 | 1999-02-17 | Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 f… | |
| CVE-1999-1066 | MEDIUM | 5.0 | 1999-12-22 | Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smur… | |
| CVE-1999-1067 | MEDIUM | 5.0 | 1997-05-07 | SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for i… | |
| CVE-1999-1068 | MEDIUM | 5.0 | 1997-07-23 | Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request. | |
| CVE-1999-1069 | MEDIUM | 5.0 | 1997-11-08 | Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. | |
| CVE-1999-1070 | MEDIUM | 5.0 | 1998-07-25 | Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter. | |
| CVE-1999-1075 | MEDIUM | 5.0 | 1998-03-18 | inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver… |