CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4301 CVE-1999-1010 1999-12-14 2016-10-17
2.1
None Local Low Not required Partial None None
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
4302 CVE-1999-1009 1999-12-12 2008-09-09
2.6
None Remote High Not required Partial None None
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
4303 CVE-1999-1001 1999-12-16 2008-09-09
2.6
None Remote High Not required None Partial None
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
4304 CVE-1999-0990 1999-12-05 2008-09-09
2.1
None Local Low Not required Partial None None
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
4305 CVE-1999-0976 DoS 1999-12-07 2008-09-09
2.1
None Local Low Not required None None Partial
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
4306 CVE-1999-0957 1997-06-18 2008-09-09
2.1
None Local Low Not required None Partial None
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
4307 CVE-1999-0916 1999-06-29 2008-09-09
2.1
None Local Low Not required Partial None None
WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
4308 CVE-1999-0912 DoS 1999-09-22 2008-09-09
2.1
None Local Low Not required None None Partial
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
4309 CVE-1999-0907 1999-09-16 2008-09-09
2.1
None Local Low Not required Partial None None
sccw allows local users to read arbitrary files.
4310 CVE-1999-0893 1999-10-11 2008-09-09
2.1
None Local Low Not required None Partial None
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
4311 CVE-1999-0871 1998-09-04 2018-10-12
2.6
None Remote High Not required Partial None None
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
4312 CVE-1999-0870 1998-10-01 2018-10-12
2.6
None Remote High Not required Partial None None
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
4313 CVE-1999-0869 1998-12-01 2018-10-12
2.6
None Remote High Not required Partial None None
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
4314 CVE-1999-0862 +Priv 1999-12-02 2008-09-09
2.1
None Local Low Not required Partial None None
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.
4315 CVE-1999-0861 362 +Info 1999-08-11 2018-10-12
2.6
None Remote High Not required Partial None None
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
4316 CVE-1999-0860 1999-12-01 2018-10-30
2.1
None Local Low Not required Partial None None
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
4317 CVE-1999-0859 1999-12-01 2018-10-30
2.1
None Local Low Not required Partial None None
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
4318 CVE-1999-0857 1999-12-01 2008-09-09
2.1
None Local Low Not required None Partial None
FreeBSD gdc program allows local users to modify files via a symlink attack.
4319 CVE-1999-0851 DoS 1999-11-10 2018-10-30
2.1
None Local Low Not required None None Partial
Denial of service in BIND named via naptr.
4320 CVE-1999-0827 1999-11-01 2008-09-09
2.6
None Remote High Not required Partial None None
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
4321 CVE-1999-0803 1999-05-25 2016-10-17
2.1
None Local Low Not required None Partial None
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.
4322 CVE-1999-0797 DoS 1998-06-29 2008-09-09
2.6
None Remote High Not required None None Partial
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
4323 CVE-1999-0793 1999-11-17 2018-10-12
2.6
None Remote High Not required Partial None None
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
4324 CVE-1999-0790 2000-04-01 2008-09-09
2.6
None Remote High Not required Partial None None
A remote attacker can read information from a Netscape user's cache via JavaScript.
4325 CVE-1999-0787 1999-09-17 2016-10-17
2.1
None Local Low Not required None Partial None
The SSH authentication agent follows symlinks via a UNIX domain socket.
4326 CVE-1999-0782 1998-11-18 2016-10-17
2.1
None Local Low Not required None Partial None
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
4327 CVE-1999-0770 DoS 1999-07-29 2008-09-09
2.1
None Local Low Not required None None Partial
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
4328 CVE-1999-0762 1999-05-24 2008-09-09
2.6
None Remote High Not required Partial None None
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
4329 CVE-1999-0757 2001-03-12 2017-12-18
2.1
None Local Low Not required Partial None None
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
4330 CVE-1999-0749 Overflow 1999-08-16 2018-10-12
2.6
None Remote High Not required None Partial None
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
4331 CVE-1999-0747 DoS 1999-08-18 2008-09-09
2.1
None Local Low Not required None None Partial
Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load.
4332 CVE-1999-0743 1999-08-20 2018-05-02
2.1
None Local Low Not required None Partial None
Trn allows local users to overwrite other users' files via symlinks.
4333 CVE-1999-0732 1999-08-19 2016-09-16
2.1
None Local Low Not required None Partial None
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
4334 CVE-1999-0717 1999-05-07 2018-10-12
2.6
None Remote High Not required None Partial None
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
4335 CVE-1999-0714 1999-02-15 2008-09-09
2.1
None Local Low Not required Partial None None
Vulnerability in Compaq Tru64 UNIX edauth command.
4336 CVE-1999-0712 1999-04-27 2008-09-09
2.1
None Local Low Not required Partial None None
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
4337 CVE-1999-0694 DoS 1999-08-11 2008-09-09
2.1
None Local Low Not required None None Partial
Denial of service in AIX ptrace system call allows local users to crash the system.
4338 CVE-1999-0595 2000-01-20 2008-09-09
2.1
None Local Low Not required Partial None None
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
4339 CVE-1999-0585 2000-07-01 2008-09-09
2.1
None Local Low Not required Partial None None
A Windows NT administrator account has the default name of Administrator.
4340 CVE-1999-0487 1999-05-01 2018-10-12
2.6
None Remote High Not required Partial None None
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
4341 CVE-1999-0485 1999-02-19 2008-09-09
2.6
None Remote High Not required None None Partial
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.
4342 CVE-1999-0484 Overflow 1999-02-23 2008-09-09
2.1
None Local Low Not required None Partial None
Buffer overflow in OpenBSD ping.
4343 CVE-1999-0483 1999-02-25 2008-09-09
2.1
None Local Low Not required None None Partial
OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
4344 CVE-1999-0480 DoS 1999-04-01 2008-09-09
2.1
None Local Low Not required None None Partial
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
4345 CVE-1999-0473 1999-04-07 2008-09-09
2.1
None Local Low Not required None Partial None
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.
4346 CVE-1999-0468 1999-04-09 2018-10-12
2.6
None Remote High Not required Partial None None
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
4347 CVE-1999-0464 DoS 1999-01-04 2016-10-17
2.1
None Local Low Not required None None Partial
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
4348 CVE-1999-0460 DoS Overflow 1999-02-19 2008-09-05
2.1
None Local Low Not required None None Partial
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
4349 CVE-1999-0458 1999-01-06 2008-09-09
2.1
None Local Low Not required Partial None None
L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.
4350 CVE-1999-0451 DoS 1999-01-19 2008-09-05
2.1
None Local Low Not required None None Partial
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
Total number of vulnerabilities : 4356   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 (This Page)88
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.