CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
15901 CVE-1999-0878 Overflow +Priv 1999-08-22 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
15902 CVE-1999-0876 119 Overflow 2000-01-04 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
15903 CVE-1999-0874 119 DoS Overflow 1999-06-16 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
15904 CVE-1999-0853 Overflow +Priv 1999-12-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
15905 CVE-1999-0837 DoS 1999-11-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Denial of service in BIND by improperly closing TCP sessions via so_linger.
15906 CVE-1999-0836 1998-12-02 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
15907 CVE-1999-0835 DoS 1999-11-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Denial of service in BIND named via malformed SIG records.
15908 CVE-1999-0834 Overflow 1999-12-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.
15909 CVE-1999-0832 Exec Code Overflow 1999-11-09 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
15910 CVE-1999-0822 Overflow 1999-11-30 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
15911 CVE-1999-0817 1999-09-15 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
15912 CVE-1999-0816 1998-05-10 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.
15913 CVE-1999-0814 1999-08-11 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
15914 CVE-1999-0810 DoS 1999-07-21 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Denial of service in Samba NETBIOS name service daemon (nmbd).
15915 CVE-1999-0801 1999-04-09 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
15916 CVE-1999-0799 Overflow 1997-06-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
15917 CVE-1999-0798 Overflow 1998-12-04 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
15918 CVE-1999-0791 1999-10-06 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol.
15919 CVE-1999-0789 Overflow 1999-09-28 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in AIX ftpd in the libc library.
15920 CVE-1999-0775 1999-06-10 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
15921 CVE-1999-0766 16 Exec Code 1999-10-21 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
15922 CVE-1999-0765 1999-05-19 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
15923 CVE-1999-0760 +Priv 2001-03-12 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
15924 CVE-1999-0759 Overflow 1999-09-13 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in FuseMAIL POP service via long USER and PASS commands.
15925 CVE-1999-0754 +Priv 1999-05-11 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable.
15926 CVE-1999-0745 Overflow 1999-08-18 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
15927 CVE-1999-0741 1999-08-19 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
QMS CrownNet Unix Utilities for 2060 allows root to log on without a password.
15928 CVE-1999-0730 1999-06-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
15929 CVE-1999-0722 1999-08-08 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.
15930 CVE-1999-0704 Overflow 1999-09-16 2008-09-09
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
15931 CVE-1999-0702 94 1999-09-10 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
15932 CVE-1999-0698 DoS 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
15933 CVE-1999-0696 Overflow 1999-07-01 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
15934 CVE-1999-0692 +Priv 1999-07-19 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
15935 CVE-1999-0667 DoS 1997-09-19 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.
15936 CVE-1999-0665 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An application-critical Windows NT registry key has an inappropriate value.
15937 CVE-1999-0664 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An application-critical Windows NT registry key has inappropriate permissions.
15938 CVE-1999-0663 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
15939 CVE-1999-0662 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
15940 CVE-1999-0661 1999-01-01 2016-10-17
10.0
None Remote Low Not required Complete Complete Complete
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
15941 CVE-1999-0654 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The OS/2 or POSIX subsystem in NT is enabled.
15942 CVE-1999-0653 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A component service related to NIS+ is running.
15943 CVE-1999-0640 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The Gopher service is running.
15944 CVE-1999-0636 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The discard service is running.
15945 CVE-1999-0630 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The NT Alerter and Messenger services are running.
15946 CVE-1999-0618 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The rexec service is running.
15947 CVE-1999-0611 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Windows NT registry key has an inappropriate value.
15948 CVE-1999-0603 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.
15949 CVE-1999-0602 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
15950 CVE-1999-0601 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.