Total
29750 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | ||||
| CVE-1999-1405 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | ||||
| CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2025-04-03 | N/A |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | ||||
| CVE-1999-1416 | 1 Inso | 1 Dwhttpd | 2025-04-03 | N/A |
| AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. | ||||
| CVE-1999-1421 | 1 N-base | 2 Nh208, Nh215 | 2025-04-03 | N/A |
| NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names. | ||||
| CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | ||||
| CVE-2000-0097 | 1 Microsoft | 1 Index Server | 2025-04-03 | N/A |
| The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability. | ||||
| CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | ||||
| CVE-2000-0098 | 1 Microsoft | 1 Index Server | 2025-04-03 | N/A |
| Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | ||||
| CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files. | ||||
| CVE-2002-1635 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin. | ||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | ||||
| CVE-2000-0101 | 1 Make-a-store | 1 Orderpage | 2025-04-03 | N/A |
| The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-1999-1449 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device. | ||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | ||||
| CVE-2002-1640 | 1 Oracle | 1 Configurator | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | ||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2025-04-03 | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | ||||
| CVE-1999-1466 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | ||||
| CVE-1999-1468 | 4 Cray, Next, Sgi and 1 more | 4 Unicos, Next, Irix and 1 more | 2025-04-03 | N/A |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. | ||||
| CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | N/A |
| Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | ||||