Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1066 1 Sgi 1 Quake 1 Server 2026-04-16 N/A
Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.
CVE-1999-1067 1 Sgi 1 Irix 2026-04-16 N/A
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
CVE-1999-1069 1 Icat 1 Electronic Commerce Suite 2026-04-16 N/A
Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter.
CVE-1999-1070 1 Xylogics 1 Annex 2026-04-16 N/A
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
CVE-1999-1071 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.
CVE-1999-1072 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.
CVE-1999-1073 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.
CVE-1999-1074 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
CVE-1999-1076 1 Apple 1 Macos 2026-04-16 N/A
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2026-04-16 N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVE-1999-1079 1 Ibm 1 Aix 2026-04-16 N/A
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
CVE-1999-1080 1 Sun 1 Sunos 2026-04-16 N/A
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
CVE-1999-1081 1 Novell 1 Web Server 2026-04-16 N/A
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.
CVE-1999-1082 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack.
CVE-1999-1083 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack.
CVE-1999-1084 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
CVE-1999-1085 1 Ssh 1 Secure Shell 2026-04-16 N/A
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack."
CVE-1999-1086 1 Novell 1 Netware 2026-04-16 N/A
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
CVE-1999-1087 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
CVE-1999-1088 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.