Search
153,552 CVEs · Medium severity
CVEs (153,552, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 176–200 of 153,552 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-1999-0546 | MEDIUM | 4.6 | 1998-10-01 | The Windows NT guest account is enabled. | |
| CVE-1999-0551 | MEDIUM | 4.6 | 1998-04-01 | HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. | |
| CVE-1999-0566 | MEDIUM | 5.0 | 1997-08-01 | An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |
| CVE-1999-0578 | MEDIUM | 4.6 | 1999-01-01 | A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |
| CVE-1999-0582 | MEDIUM | 5.0 | 1997-01-01 | A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. | |
| CVE-1999-0593 | MEDIUM | 4.9 | 1999-01-01 | The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |
| CVE-1999-0604 | MEDIUM | 5.0 | 1999-04-20 | An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information. | |
| CVE-1999-0605 | MEDIUM | 5.0 | 1999-04-01 | An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information. | |
| CVE-1999-0606 | MEDIUM | 5.0 | 1999-04-01 | An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information. | |
| CVE-1999-0607 | MEDIUM | 5.0 | 1999-04-20 | quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the clea… | |
| CVE-1999-0608 | MEDIUM | 5.0 | 1999-04-01 | An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information. | |
| CVE-1999-0609 | MEDIUM | 5.0 | 1999-04-01 | An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information. | |
| CVE-1999-0610 | MEDIUM | 5.0 | 1999-04-01 | An incorrect configuration of the Webcart CGI program could disclose private information. | |
| CVE-1999-0628 | MEDIUM | 5.0 | 1997-07-01 | The rwho/rwhod service is running, which exposes machine status and user information. | |
| CVE-1999-0650 | MEDIUM | 5.0 | 1999-01-01 | The netstat service is running, which provides sensitive information to remote attackers. | |
| CVE-1999-0656 | MEDIUM | 5.0 | 1999-01-01 | The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |
| CVE-1999-0668 | MEDIUM | 5.1 | 1999-08-21 | The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated … | |
| CVE-1999-0669 | MEDIUM | 4.0 | 1999-09-01 | The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | |
| CVE-1999-0670 | MEDIUM | 4.0 | 1999-09-01 | Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | |
| CVE-1999-0671 | MEDIUM | 5.1 | 1999-08-03 | Buffer overflow in ToxSoft NextFTP client through CWD command. | |
| CVE-1999-0672 | MEDIUM | 5.1 | 1999-08-01 | Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. | |
| CVE-1999-0673 | MEDIUM | 5.1 | 1999-08-08 | Buffer overflow in ALMail32 POP3 client via From: or To: headers. | |
| CVE-1999-0675 | MEDIUM | 5.0 | 1999-08-09 | Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. | |
| CVE-1999-0676 | MEDIUM | 4.6 | 1999-08-09 | sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | |
| CVE-1999-0678 | MEDIUM | 5.0 | 1999-01-17 | A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. |