| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2001-0195 | Hig | 0.51 | 7.8 | 0.00 | Mar 26, 2001 | sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | |
| CVE-2001-0006 | Hig | 0.49 | 7.1 | 0.00 | Feb 12, 2001 | The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability. | |
| CVE-2000-0497 | Hig | 0.49 | 7.5 | 0.01 | Jun 8, 2000 | IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |
| CVE-2000-0499 | Hig | 0.49 | 7.5 | 0.01 | Jun 8, 2000 | The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |
| CVE-2000-0498 | Hig | 0.49 | 7.5 | 0.02 | Jun 8, 2000 | Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |
| CVE-2000-0342 | Hig | 0.52 | 7.5 | 0.02 | Apr 28, 2000 | Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | |
| CVE-2000-0258 | Hig | 0.50 | 7.5 | 0.20 | Apr 12, 2000 | IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | |
| CVE-1999-1127 | Hig | 0.51 | 7.5 | 0.30 | Dec 31, 1999 | Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | |
| CVE-1999-1549 | Hig | 0.51 | 7.8 | 0.00 | Nov 16, 1999 | Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. | |
| CVE-1999-0468 | Hig | 0.53 | 8.2 | 0.02 | Apr 9, 1999 | Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. | |
| CVE-1999-1568 | Hig | 0.49 | 7.5 | 0.02 | Jan 1, 1999 | Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. | |
| CVE-1999-0052 | Hig | 0.49 | 7.5 | 0.01 | Nov 4, 1998 | IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | |
| CVE-1999-1152 | Hig | 0.49 | 7.5 | 0.01 | Jun 3, 1998 | Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack. | |
| CVE-1999-0069 | Hig | 0.58 | 8.4 | 0.01 | Apr 29, 1998 | Solaris ufsrestore buffer overflow. | |
| CVE-1999-0012 | Hig | 0.46 | 7.0 | 0.01 | Feb 6, 1998 | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | |
| CVE-1999-0013 | Hig | 0.55 | 8.4 | 0.01 | Jan 22, 1998 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. | |
| CVE-1999-0239 | Hig | 0.52 | 7.5 | 0.04 | Jan 1, 1998 | Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. | |
| CVE-1999-0029 | Hig | 0.58 | 8.4 | 0.00 | Jul 16, 1997 | root privileges via buffer overflow in ordist command on SGI IRIX systems. | |
| CVE-1999-0059 | Hig | 0.48 | 7.3 | 0.01 | Jul 14, 1997 | IRIX fam service allows an attacker to obtain a list of all files on the server. | |
| CVE-1999-0036 | Hig | 0.58 | 8.4 | 0.01 | May 26, 1997 | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | |
| CVE-1999-0039 | Hig | 0.52 | 7.3 | 0.21 | May 6, 1997 | webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | |
| CVE-1999-0038 | Hig | 0.58 | 8.4 | 0.00 | Apr 26, 1997 | Buffer overflow in xlock program allows local users to execute commands as root. | |
| CVE-1999-0236 | Hig | 0.53 | 7.5 | 0.14 | Jan 1, 1997 | ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | |
| CVE-1999-0022 | Hig | 0.51 | 7.8 | 0.00 | Jul 3, 1996 | Local user gains root privileges via buffer overflow in rdist, via expstr() function. | |
| CVE-1999-0084 | Hig | 0.55 | 8.4 | 0.00 | May 1, 1990 | Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. |
- risk 0.51cvss 7.8epss 0.00
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
- risk 0.49cvss 7.1epss 0.00
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability.
- risk 0.49cvss 7.5epss 0.01
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.49cvss 7.5epss 0.01
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.49cvss 7.5epss 0.02
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.52cvss 7.5epss 0.02
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
- risk 0.50cvss 7.5epss 0.20
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
- risk 0.51cvss 7.5epss 0.30
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
- risk 0.51cvss 7.8epss 0.00
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
- risk 0.53cvss 8.2epss 0.02
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
- risk 0.49cvss 7.5epss 0.02
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
- risk 0.49cvss 7.5epss 0.01
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
- risk 0.49cvss 7.5epss 0.01
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack.
- risk 0.58cvss 8.4epss 0.01
Solaris ufsrestore buffer overflow.
- risk 0.46cvss 7.0epss 0.01
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
- risk 0.55cvss 8.4epss 0.01
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
- risk 0.52cvss 7.5epss 0.04
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
- risk 0.58cvss 8.4epss 0.00
root privileges via buffer overflow in ordist command on SGI IRIX systems.
- risk 0.48cvss 7.3epss 0.01
IRIX fam service allows an attacker to obtain a list of all files on the server.
- risk 0.58cvss 8.4epss 0.01
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
- risk 0.52cvss 7.3epss 0.21
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
- risk 0.58cvss 8.4epss 0.00
Buffer overflow in xlock program allows local users to execute commands as root.
- risk 0.53cvss 7.5epss 0.14
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
- risk 0.51cvss 7.8epss 0.00
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
- risk 0.55cvss 8.4epss 0.00
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.