NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
343501 5.0 MEDIUM
easy_software_products cups The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port. NVD-CWE-Other
CVE-2004-0558 2018-03-13 10:29 2004-09-28 Show GitHub Exploit DB Packet Storm
343502 4.3 MEDIUM
wikyblog wikyblog Cross-site scripting (XSS) vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in … CWE-79
Cross-site Scripting 		CVE-2010-0754 2018-01-13 11:29 2010-02-27 Show GitHub Exploit DB Packet Storm
343503 5.0 MEDIUM
microsoft internet_information_server Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character. NVD-CWE-Other
CVE-2000-1090 2018-01-12 01:57 2001-02-12 Show GitHub Exploit DB Packet Storm
343504 5.0 MEDIUM
mysql mysql The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugin… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1621 2018-01-5 11:29 2010-05-15 Show GitHub Exploit DB Packet Storm
343505 7.5 HIGH
realnetworks helix_universal_server Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIB… NVD-CWE-Other
CVE-2002-1643 2017-12-23 11:29 2002-12-19 Show GitHub Exploit DB Packet Storm
343506 7.5 HIGH
ramp_networks webramp WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled. NVD-CWE-Other
CVE-1999-1264 2017-12-20 11:29 1999-01-21 Show GitHub Exploit DB Packet Storm
343507 2.1 LOW
linux linux_kernel The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of … NVD-CWE-Other
CVE-2000-0227 2017-12-20 11:29 2000-03-23 Show GitHub Exploit DB Packet Storm
343508 5.0 MEDIUM
goahead_software goahead_webserver Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. NVD-CWE-Other
CVE-2001-0228 2017-12-20 11:29 2001-05-3 Show GitHub Exploit DB Packet Storm
343509 5.0 MEDIUM
goahead_software goahead_webserver GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. NVD-CWE-Other
CVE-2001-0385 2017-12-20 11:29 2001-07-2 Show GitHub Exploit DB Packet Storm
343510 4.6 MEDIUM
counterpane password_safe Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password … NVD-CWE-Other
CVE-2001-0984 2017-12-20 11:29 2001-09-13 Show GitHub Exploit DB Packet Storm
343511 5.0 MEDIUM
goahead_software
orange_software
montavista_software 		goahead_webserver
orange_web_server
hard_hat_linux 		Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely th… NVD-CWE-Other
CVE-2002-0680 2017-12-20 11:29 2002-07-23 Show GitHub Exploit DB Packet Storm
343512 7.5 HIGH
goahead_software goahead_webserver Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not … NVD-CWE-Other
CVE-2002-0681 2017-12-20 11:29 2002-07-23 Show GitHub Exploit DB Packet Storm
343513 7.5 HIGH
goahead_software goahead_webserver Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. NVD-CWE-Other
CVE-2002-1951 2017-12-20 11:29 2002-12-31 Show GitHub Exploit DB Packet Storm
343514 2.1 LOW
allaire coldfusion_server The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. NVD-CWE-Other
CVE-1999-0757 2017-12-19 11:29 2001-03-12 Show GitHub Exploit DB Packet Storm
343515 5.0 MEDIUM
novell netware Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. NVD-CWE-Other
CVE-1999-0805 2017-12-19 11:29 2001-03-12 Show GitHub Exploit DB Packet Storm
343516 10.0 HIGH
motorola motorola_cablerouter A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. NVD-CWE-Other
CVE-1999-0919 2017-12-19 11:29 1998-05-10 Show GitHub Exploit DB Packet Storm
343517 5.0 MEDIUM
omnicron omnihttpd The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. NVD-CWE-Other
CVE-1999-0970 2017-12-19 11:29 1999-06-5 Show GitHub Exploit DB Packet Storm
343518 7.5 HIGH
novell netware The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and … NVD-CWE-Other
CVE-1999-1020 2017-12-19 11:29 1998-09-18 Show GitHub Exploit DB Packet Storm
343519 6.2 MEDIUM
sgi irix serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan… NVD-CWE-Other
CVE-1999-1022 2017-12-19 11:29 1994-10-2 Show GitHub Exploit DB Packet Storm
343520 7.5 HIGH
ssh ssh2 SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showi… NVD-CWE-Other
CVE-1999-1029 2017-12-19 11:29 1999-05-13 Show GitHub Exploit DB Packet Storm
343521 10.0 HIGH
ipswitch imail Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. NVD-CWE-Other
CVE-1999-1046 2017-12-19 11:29 1999-03-1 Show GitHub Exploit DB Packet Storm
343522 5.0 MEDIUM
matt_wright formhandler.cgi Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2)… NVD-CWE-Other
CVE-1999-1050 2017-12-19 11:29 1999-11-12 Show GitHub Exploit DB Packet Storm
343523 7.5 HIGH
arcane_software vermillion_ftp_daemon Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands. NVD-CWE-Other
CVE-1999-1058 2017-12-19 11:29 1999-11-22 Show GitHub Exploit DB Packet Storm
343524 7.5 HIGH
hp jetdirect HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disa… NVD-CWE-Other
CVE-1999-1061 2017-12-19 11:29 1997-10-4 Show GitHub Exploit DB Packet Storm
343525 7.5 HIGH
hp jetdirect HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. NVD-CWE-Other
CVE-1999-1062 2017-12-19 11:29 1997-10-4 Show GitHub Exploit DB Packet Storm
343526 10.0 HIGH
cdomain cdomainfree CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter. NVD-CWE-Other
CVE-1999-1063 2017-12-19 11:29 1999-06-1 Show GitHub Exploit DB Packet Storm
343527 5.0 MEDIUM
icat electronic_commerce_suite Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. NVD-CWE-Other
CVE-1999-1069 2017-12-19 11:29 1997-11-8 Show GitHub Exploit DB Packet Storm
343528 7.2 HIGH
excite ews Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. NVD-CWE-Other
CVE-1999-1071 2017-12-19 11:29 1998-11-30 Show GitHub Exploit DB Packet Storm
343529 5.0 MEDIUM
novell web_server Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files. NVD-CWE-Other
CVE-1999-1081 2017-12-19 11:29 2002-01-15 Show GitHub Exploit DB Packet Storm
343530 5.0 MEDIUM
rtin
tin 		rtin
tin 		UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlin… NVD-CWE-Other
CVE-1999-1091 2017-12-19 11:29 2002-01-15 Show GitHub Exploit DB Packet Storm
343531 7.2 HIGH
kde kde Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. NVD-CWE-Other
CVE-1999-1096 2017-12-19 11:29 1998-05-16 Show GitHub Exploit DB Packet Storm
343532 6.4 MEDIUM
microsoft netmeeting Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. NVD-CWE-Other
CVE-1999-1097 2017-12-19 11:29 1999-05-4 Show GitHub Exploit DB Packet Storm
343533 7.2 HIGH
kde kde Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. NVD-CWE-Other
CVE-1999-1106 2017-12-19 11:29 1998-04-29 Show GitHub Exploit DB Packet Storm
343534 7.2 HIGH
kde kde Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. NVD-CWE-Other
CVE-1999-1107 2017-12-19 11:29 1998-11-18 Show GitHub Exploit DB Packet Storm
343535 7.5 HIGH
irfanview irfanview Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header. NVD-CWE-Other
CVE-1999-1112 2017-12-19 11:29 1999-11-9 Show GitHub Exploit DB Packet Storm
343536 7.2 HIGH
sun sunos The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. NVD-CWE-Other
CVE-1999-1123 2017-12-19 11:29 1991-05-20 Show GitHub Exploit DB Packet Storm
343537 2.1 LOW
cisco resource_manager Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and S… NVD-CWE-Other
CVE-1999-1126 2017-12-19 11:29 1999-12-31 Show GitHub Exploit DB Packet Storm
343538 7.5 HIGH
cisco ios
catalyst_2900_vlan 		Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. NVD-CWE-Other
CVE-1999-1129 2017-12-19 11:29 1999-09-1 Show GitHub Exploit DB Packet Storm
343539 4.6 MEDIUM
hp hp-ux HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. NVD-CWE-Other
CVE-1999-1133 2017-12-19 11:29 1997-09-1 Show GitHub Exploit DB Packet Storm
343540 7.2 HIGH
hp hp-ux Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438. NVD-CWE-Other
CVE-1999-1135 2017-12-19 11:29 1994-04-20 Show GitHub Exploit DB Packet Storm
343541 7.5 HIGH
ascom timeplex_routers Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters. NVD-CWE-Other
CVE-1999-1141 2017-12-19 11:29 1997-05-15 Show GitHub Exploit DB Packet Storm
343542 5.0 MEDIUM
computer_software_manufaktur csm_proxy Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port. NVD-CWE-Other
CVE-1999-1149 2017-12-19 11:29 1998-07-16 Show GitHub Exploit DB Packet Storm
343543 7.5 HIGH
livingston_portmaster portmaster Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. NVD-CWE-Other
CVE-1999-1150 2017-12-19 11:29 1998-06-30 Show GitHub Exploit DB Packet Storm
343544 5.0 MEDIUM
compaq_microcom microcom_6000_access_integrator Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the int… NVD-CWE-Other
CVE-1999-1151 2017-12-19 11:29 1998-06-3 Show GitHub Exploit DB Packet Storm
343545 7.5 HIGH
hamcards_postcard_cgi hamcards_postcard_cgi HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. NVD-CWE-Other
CVE-1999-1153 2017-12-19 11:29 1998-11-9 Show GitHub Exploit DB Packet Storm
343546 7.5 HIGH
lakeweb filemail_cgi_script LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. NVD-CWE-Other
CVE-1999-1154 2017-12-19 11:29 1998-11-9 Show GitHub Exploit DB Packet Storm
343547 7.5 HIGH
lakeweb mail_list_cgi_script LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. NVD-CWE-Other
CVE-1999-1155 2017-12-19 11:29 1998-11-9 Show GitHub Exploit DB Packet Storm
343548 5.0 MEDIUM
sambar sambar_server Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. NVD-CWE-Other
CVE-1999-1178 2017-12-19 11:29 1998-06-10 Show GitHub Exploit DB Packet Storm
343549 4.6 MEDIUM
university_of_washington
freebsd
slackware 		pine
freebsd
slackware_linux 		Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. NVD-CWE-Other
CVE-1999-1187 2017-12-19 11:29 1996-08-26 Show GitHub Exploit DB Packet Storm
343550 5.0 MEDIUM
vintra_systems smtp_mailserver Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command. NVD-CWE-Other
CVE-1999-1200 2017-12-19 11:29 1998-07-20 Show GitHub Exploit DB Packet Storm