Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-1999-0892 Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | N/A | NONE | — | 0 |
| CVE-1999-0455 The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly. | N/A | NONE | — | 0 |
| CVE-1999-0477 The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly. | N/A | NONE | — | 0 |
| CVE-2000-0006 strace allows local users to read arbitrary files via memory mapped file names. | N/A | NONE | — | 0 |
| CVE-2000-0008 FTPPro allows local users to read sensitive information, which is stored in plain text. | N/A | NONE | — | 0 |
| CVE-2000-0010 WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. | N/A | NONE | — | 0 |
| CVE-2000-0012 Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. | N/A | NONE | — | 0 |
| CVE-2000-0027 IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. | N/A | NONE | — | 0 |
| CVE-2000-0029 UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. | N/A | NONE | — | 0 |
| CVE-2000-0033 InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. | N/A | NONE | — | 0 |
| CVE-2000-0060 Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name. | N/A | NONE | — | 0 |
| CVE-1999-1573 Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain pr... | N/A | NONE | — | 0 |
| CVE-2000-0014 Denial of service in Savant web server via a null character in the requested URL. | N/A | NONE | — | 0 |
| CVE-2000-0035 resend command in Majordomo allows local users to gain privileges via shell metacharacters. | N/A | NONE | — | 0 |
| CVE-2000-0037 Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | N/A | NONE | — | 0 |
| CVE-2000-0041 Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. | N/A | NONE | — | 0 |
| CVE-2000-0007 Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | N/A | NONE | — | 0 |
| CVE-2000-0009 The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. | N/A | NONE | — | 0 |
| CVE-2000-0039 AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | N/A | NONE | — | 0 |
| CVE-2000-0042 Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | N/A | NONE | — | 0 |
| CVE-2000-0100 The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program. | N/A | NONE | — | 0 |
| CVE-1999-0001 ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. | N/A | NONE | — | 0 |
| CVE-2000-0003 Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | N/A | NONE | — | 0 |
| CVE-2000-0043 Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | N/A | NONE | — | 0 |
| CVE-2000-0076 nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | N/A | NONE | — | 0 |
| CVE-1999-0154 IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. | N/A | NONE | — | 0 |
| CVE-1999-0808 Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. | N/A | NONE | — | 0 |
| CVE-1999-0815 Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | N/A | NONE | — | 0 |
| CVE-1999-1035 IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | N/A | NONE | — | 0 |
| CVE-1999-1042 Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community str... | N/A | NONE | — | 0 |
| CVE-1999-1043 Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | N/A | NONE | — | 0 |
| CVE-1999-1055 Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the... | N/A | NONE | — | 0 |
| CVE-1999-1074 Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | N/A | NONE | — | 0 |
| CVE-1999-1084 The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | N/A | NONE | — | 0 |
| CVE-1999-1087 Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page... | N/A | NONE | — | 0 |
| CVE-1999-1093 Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page... | N/A | NONE | — | 0 |
| CVE-1999-1094 Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." | N/A | NONE | — | 0 |
| CVE-1999-1100 Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, whic... | N/A | NONE | — | 0 |
| CVE-1999-1102 lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 ... | N/A | NONE | — | 0 |
| CVE-1999-1104 Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | N/A | NONE | — | 0 |
| CVE-1999-1105 Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary fi... | N/A | NONE | — | 0 |
| CVE-1999-1117 lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. | N/A | NONE | — | 0 |
| CVE-1999-1124 HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which request... | N/A | NONE | — | 0 |
| CVE-1999-1126 Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SN... | N/A | NONE | — | 0 |
| CVE-2026-3785 A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of t... | 6.3 | MEDIUM | — | 0 |
| CVE-1999-1127 Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing m... | 7.5 | HIGH | — | 0 |
| CVE-1999-1132 Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a ... | N/A | NONE | — | 0 |
| CVE-1999-1148 FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | N/A | NONE | — | 0 |
| CVE-1999-1157 Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same net... | N/A | NONE | — | 0 |
| CVE-1999-1167 Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javas... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.