National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,047 matching records.
Displaying matches 26981 through 27000.
Vuln ID Summary CVSS Severity
CVE-1999-1550

bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.

Published: November 08, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1571

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

Published: November 04, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-1531

Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.

Published: November 02, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1047

When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities.

Published: October 18, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-1351

Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.

Published: September 24, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-1356

Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.

Published: September 02, 1999; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-1337

FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.

Published: August 01, 1999; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2000-0323

The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.

Published: July 28, 1999; 12:00:00 AM -04:00
    V2: 7.6 HIGH
CVE-1999-1028

Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.

Published: May 28, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0801

BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.

Published: April 09, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0921

BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.

Published: April 01, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1397

Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.

Published: March 23, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1203

Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier.

Published: February 12, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0395

A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.

Published: January 01, 1999; 12:00:00 AM -05:00
    V2: 5.1 MEDIUM
CVE-1999-0661

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.

Published: January 01, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.

Published: November 26, 1998; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1459

BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file.

Published: November 02, 1998; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-1181

Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.

Published: September 29, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-1292

Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL.

Published: September 01, 1998; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-1558

Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.

Published: July 16, 1998; 12:00:00 AM -04:00
    V2: 7.5 HIGH