Total
29099 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1092 | 1 Iain Lea | 1 Tin | 2024-08-01 | N/A |
| tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file. | ||||
| CVE-1999-1097 | 1 Microsoft | 1 Netmeeting | 2024-08-01 | N/A |
| Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. | ||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | ||||
| CVE-1999-1073 | 1 Excite | 1 Ews | 2024-08-01 | N/A |
| Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | ||||
| CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2024-08-01 | N/A |
| dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | ||||
| CVE-1999-1120 | 1 Sgi | 1 Irix | 2024-08-01 | N/A |
| netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | ||||
| CVE-1999-1082 | 1 T. Hauck | 1 Jana Web Server | 2024-08-01 | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack. | ||||
| CVE-1999-1091 | 2 Rtin, Tin | 2 Rtin, Tin | 2024-08-01 | N/A |
| UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack. | ||||
| CVE-1999-1126 | 1 Cisco | 1 Resource Manager | 2024-08-01 | N/A |
| Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | ||||
| CVE-1999-1093 | 1 Microsoft | 1 Internet Explorer | 2024-08-01 | N/A |
| Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | ||||
| CVE-1999-1106 | 1 Kde | 1 Kde | 2024-08-01 | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | ||||
| CVE-1999-1084 | 1 Microsoft | 1 Windows Nt | 2024-08-01 | N/A |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | ||||
| CVE-1999-1095 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2024-08-01 | N/A |
| sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. | ||||
| CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2024-08-01 | N/A |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | ||||
| CVE-1999-1104 | 1 Microsoft | 1 Windows 95 | 2024-08-01 | N/A |
| Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | ||||
| CVE-1999-1083 | 1 T. Hauck | 1 Jana Web Server | 2024-08-01 | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack. | ||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2024-08-01 | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | ||||
| CVE-1999-1069 | 1 Icat | 1 Electronic Commerce Suite | 2024-08-01 | N/A |
| Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. | ||||
| CVE-1999-1102 | 4 Apple, Bsd, Sgi and 1 more | 4 A Ux, Bsd, Irix and 1 more | 2024-08-01 | N/A |
| lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | ||||
| CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2024-08-01 | N/A |
| Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | ||||