Search
153,531 CVEs · Medium severity
CVEs (153,531, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 153,531 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-1999-0740 | MEDIUM | 6.4 | 1999-08-19 | Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. | |
| CVE-1999-1565 | MEDIUM | Patched | 4.6 | 1999-08-20 | Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. |
| CVE-2000-1206 | MEDIUM | Patched | 5.0 | 1999-08-20 | Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retr… |
| CVE-1999-0668 | MEDIUM | 5.1 | 1999-08-21 | The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated … | |
| CVE-1999-0720 | MEDIUM | 4.6 | 1999-08-23 | The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. | |
| CVE-1999-1052 | MEDIUM | 5.0 | 1999-08-24 | Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remot… | |
| CVE-2000-0328 | MEDIUM | 5.0 | 1999-08-24 | Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. | |
| CVE-1999-1235 | MEDIUM | 4.6 | 1999-08-25 | Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's in… | |
| CVE-1999-0939 | MEDIUM | 5.0 | 1999-08-26 | Denial of service in Debian IRC Epic/epic4 client via a long string. | |
| CVE-1999-1016 | MEDIUM | 5.0 | 1999-08-27 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web … | |
| CVE-1999-1354 | MEDIUM | Patched | 4.6 | 1999-08-30 | E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc… |
| CVE-1999-1515 | MEDIUM | 5.0 | 1999-08-31 | A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which cau… | |
| CVE-1999-0669 | MEDIUM | 4.0 | 1999-09-01 | The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | |
| CVE-1999-0670 | MEDIUM | 4.0 | 1999-09-01 | Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | |
| CVE-1999-0891 | MEDIUM | 5.0 | 1999-09-01 | The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. | |
| CVE-1999-0685 | MEDIUM | 5.1 | 1999-09-02 | Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option. | |
| CVE-1999-1356 | MEDIUM | Patched | 4.6 | 1999-09-02 | Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (Legal… |
| CVE-1999-0925 | MEDIUM | Patched | 5.0 | 1999-09-03 | UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. |
| CVE-1999-1562 | MEDIUM | Patched | 4.6 | 1999-09-05 | gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. |
| CVE-1999-1353 | MEDIUM | 4.6 | 1999-09-07 | Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which… | |
| CVE-1999-1377 | MEDIUM | 5.0 | 1999-09-09 | Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |
| CVE-1999-0910 | MEDIUM | 5.0 | 1999-09-10 | Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | |
| CVE-1999-1575 | MEDIUM | 5.1 | 1999-09-10 | The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin… | |
| CVE-1999-0750 | MEDIUM | 5.1 | 1999-09-13 | Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |
| CVE-1999-0751 | MEDIUM | 5.0 | 1999-09-13 | Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. |