Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (111 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0253 1 Microsoft 2 Internet Information Server, Internet Information Services 2025-04-03 N/A
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
CVE-1999-0348 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0448 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
CVE-1999-0737 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0738 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0777 1 Microsoft 2 Commercial Internet System, Internet Information Server 2025-04-03 N/A
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVE-1999-0861 1 Microsoft 4 Commercial Internet System, Internet Information Server, Site Server and 1 more 2025-04-03 N/A
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
CVE-1999-1035 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
CVE-1999-1376 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
CVE-1999-1451 1 Microsoft 2 Internet Information Server, Site Server 2025-04-03 N/A
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.
CVE-1999-1478 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.