Launchpad CVE tracker

Search CVEs
324601324625 of 324625 results
CVE-1999-1169 (Candidate)
nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets.
Created and modified .

CVE-1999-1168 (Candidate)
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.
Created and modified .

CVE-1999-1166 (Candidate)
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
Created and modified .

CVE-1999-1134 (Candidate)
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.
Created and modified .

CVE-1999-1128 (Candidate)
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user.
Created and modified .

CVE-1999-1124 (Candidate)
HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.
Created and modified .

CVE-1999-1110 (Candidate)
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
Created and modified .

CVE-1999-1101 (Candidate)
Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges.
Created and modified .

CVE-1999-1070 (Candidate)
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
Created and modified .

CVE-1999-1053 (Candidate) cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
Created and modified .

CVE-1999-1051 (Candidate)
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
Created and modified .

CVE-1999-1042 (Candidate)
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.
Created and modified .

CVE-1999-1039 (Candidate)
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
Created and modified .

CVE-1999-1012 (Candidate)
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
Created and modified .

CVE-1999-0926 (Candidate)
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
Created and modified .

CVE-1999-0792 (Candidate)
ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration.
Created and modified .

CVE-1999-0784 (Candidate)
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
Created and modified .

CVE-1999-0673 (Candidate)
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
Created and modified .

CVE-1999-0298 (Candidate)
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
Created and modified .

CVE-1999-0187 (Candidate)
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Created and modified .

CVE-1999-0110 (Candidate)
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Created and modified .

CVE-1999-0088 (Candidate)
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
Created and modified .

CVE-1999-0020 (Candidate)
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Created and modified .

CVE-2001-1266 (Entry)
Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.
Created and modified .

CVE-1999-0248 (Entry)
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
Created and modified .

324601324625 of 324625 results
Launchpad includes full support for the CVE framework. We update the Launchpad CVE database daily to ensure it includes details of all known vulnerabilities.