Search
153,531 CVEs · Medium severity
CVEs (153,531, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 153,531 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-1999-0259 | MEDIUM | 5.0 | 1997-05-23 | cfingerd lists all users on a system via search.**@target. | |
| CVE-1999-0035 | MEDIUM | 5.4 | 1997-05-29 | Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | |
| CVE-1999-0227 | MEDIUM | 5.0 | 1997-06-01 | Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. | |
| CVE-1999-0281 | MEDIUM | 5.0 | 1997-06-01 | Denial of service in IIS using long URLs. | |
| CVE-1999-0275 | MEDIUM | 5.0 | 1997-06-10 | Denial of service in Windows NT DNS servers by flooding port 53 with too many characters. | |
| CVE-1999-0083 | MEDIUM | 5.0 | 1997-06-11 | getcwd() file descriptor leak in FTP. | |
| CVE-1999-1266 | MEDIUM | Patched | 5.0 | 1997-06-13 | rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. |
| CVE-1999-1483 | MEDIUM | Patched | 4.6 | 1997-06-19 | Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. |
| CVE-1999-0074 | MEDIUM | 6.4 | 1997-07-01 | Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |
| CVE-1999-0076 | MEDIUM | 5.0 | 1997-07-01 | Buffer overflow in wu-ftp from PASV command causes a core dump. | |
| CVE-1999-0111 | MEDIUM | 5.0 | 1997-07-01 | RIP v1 is susceptible to spoofing. | |
| CVE-1999-0153 | MEDIUM | 5.0 | 1997-07-01 | Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |
| CVE-1999-0156 | MEDIUM | 4.6 | 1997-07-01 | wu-ftpd FTP daemon allows any user and password combination. | |
| CVE-1999-0184 | MEDIUM | 6.4 | 1997-07-01 | When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | |
| CVE-1999-0195 | MEDIUM | 5.0 | 1997-07-01 | Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |
| CVE-1999-0628 | MEDIUM | 5.0 | 1997-07-01 | The rwho/rwhod service is running, which exposes machine status and user information. | |
| CVE-1999-1326 | MEDIUM | 5.0 | 1997-07-04 | wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled … | |
| CVE-1999-0196 | MEDIUM | 5.0 | 1997-07-08 | websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable). | |
| CVE-1999-1463 | MEDIUM | Patched | 5.0 | 1997-07-10 | Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without t… |
| CVE-1999-0026 | MEDIUM | 4.6 | 1997-07-16 | root privileges via buffer overflow in pset command on SGI IRIX systems. | |
| CVE-1999-1068 | MEDIUM | 5.0 | 1997-07-23 | Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request. | |
| CVE-1999-1217 | MEDIUM | 4.6 | 1997-07-25 | The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as c… | |
| CVE-1999-1308 | MEDIUM | 4.6 | 1997-07-31 | Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. | |
| CVE-1999-0524 | MEDIUM | 4.0 | 1997-08-01 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |
| CVE-1999-0566 | MEDIUM | 5.0 | 1997-08-01 | An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |