Search Results (365865 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0419 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which could reveal real IP addresses that were obscured by NAT, or (3) when NTLM authentication is used, the NetBIOS name of the server and its Windows NT domain are revealed in response to an Authorization request. NOTE: this entry originally contained a vector (1) in which the server reveals whether it supports Basic or NTLM authentication through 401 Access Denied error messages. CVE has REJECTED this vector; it is not a vulnerability because the information is already available through legitimate use, since authentication cannot proceed without specifying a scheme that is supported by both the client and the server.
CVE-1999-0224 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Denial of service in Windows NT messenger service through a long username.
CVE-1999-0225 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.
CVE-1999-0226 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
CVE-1999-0229 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Denial of service in Windows NT IIS server using ..\..
CVE-2002-0421 1 Microsoft 1 Windows Nt 2026-04-16 N/A
IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr.
CVE-1999-0230 1 Cisco 1 Ios 2026-04-16 N/A
Buffer overflow in Cisco 7xx routers through the telnet service.
CVE-1999-0231 1 Seattle Lab Software 1 Slmail 2026-04-16 N/A
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
CVE-1999-0236 2 Apache, Illinois 2 Http Server, Ncsa Httpd 2026-04-16 7.5 High
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
CVE-1999-0237 1 Webcom 1 Cgi Guestbook 2026-04-16 N/A
Remote execution of arbitrary commands through Guestbook CGI program.
CVE-1999-0240 2026-04-16 N/A
Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.
CVE-1999-0241 3 Sgi, Sun, Xfree86 Project 4 Irix, Solaris, Sunos and 1 more 2026-04-16 N/A
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
CVE-1999-0242 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
CVE-1999-0243 2026-04-16 N/A
Linux cfingerd could be exploited to gain root access.
CVE-1999-0246 1 Hp 1 Hp-ux 2026-04-16 N/A
HP Remote Watch allows a remote user to gain root access.
CVE-1999-0247 1 Isc 1 Inn 2026-04-16 N/A
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
CVE-1999-0248 1 Ssh 1 Ssh 2026-04-16 N/A
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
CVE-2002-0426 1 Linksys 1 Befvp41 2026-04-16 N/A
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
CVE-2002-0959 1 Splatt 1 Splatt Forum 2026-04-16 N/A
Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script.
CVE-1999-0252 1 Lsoft 1 Listserv 2026-04-16 N/A
Buffer overflow in listserv allows arbitrary command execution.