1999 CVEs

1579 CVEs published in 1999. 8 critical, 19 high. Browse by vendor, severity, or with PoCs.

Top CVEs published in 1999
CVESeverityScorePublishedSummary
CVE-1999-0199Critical9.82020-10-06manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, whi…
CVE-1999-1588Critical9.81999-12-31Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning wit…
CVE-1999-1324Critical9.81999-12-31VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit thre…
CVE-1999-0426Critical9.81999-03-01The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
CVE-1999-0006Critical9.81998-07-14Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
CVE-1999-0043Critical9.81996-12-04Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVE-1999-0066Critical9.81995-07-31AnyForm CGI remote execution.
CVE-1999-0511Critical9.11997-01-01IP forwarding is enabled on a machine which is not a router or firewall.
CVE-1999-0069High8.41998-04-29Solaris ufsrestore buffer overflow.
CVE-1999-0013High8.41998-01-22Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
CVE-1999-0029High8.41997-07-16root privileges via buffer overflow in ordist command on SGI IRIX systems.
CVE-1999-0036High8.41997-05-26IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
CVE-1999-0038High8.41997-04-26Buffer overflow in xlock program allows local users to execute commands as root.
CVE-1999-0084High8.41990-05-01Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
CVE-1999-0468High8.21999-04-09Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
CVE-1999-1549High7.81999-11-16Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a tempora…
CVE-1999-0022High7.81996-07-03Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVE-1999-1127High7.51999-12-31Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion)…
CVE-1999-1568High7.51999-01-01Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
CVE-1999-0052High7.51998-11-04IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.