Home / Early Warning / Vulnerabilities
Subscribe to INCIBE-CERT - Vulnerabilities RSS

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (http://nvd.nist.gov/) (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used (http://cve.mitre.org/) with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others. Through RSS feeds (https://www.incibe-cert.es/feed/vulnerabilities) or Newsletters (https://www.incibe-cert.es/en/subscriptions) we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-1999-1304

Severity: 
High
Publication date: 
11/30/1994
Last modified: 
03/07/2011
Description:  
Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVE-1999-1305

Severity: 
High
Publication date: 
11/30/1994
Last modified: 
03/07/2011
Description:  
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.

CVE-1999-1248

Severity: 
Medium
Publication date: 
11/30/1994
Last modified: 
12/18/2017
Description:  
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.

CVE-1999-1310

Severity: 
None
Publication date: 
11/04/1994
Last modified: 
09/10/2008
Description:  
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE-1999-1022

Severity: 
Medium
Publication date: 
10/02/1994
Last modified: 
12/18/2017
Description:  
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

CVE-1999-1238

Severity: 
Medium
Publication date: 
09/21/1994
Last modified: 
12/18/2017
Description:  
Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.

CVE-1999-1219

Severity: 
High
Publication date: 
08/11/1994
Last modified: 
05/02/2018
Description:  
Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

CVE-1999-1494

Severity: 
Low
Publication date: 
08/09/1994
Last modified: 
10/09/2017
Description:  
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

CVE-1999-1552

Severity: 
High
Publication date: 
07/20/1994
Last modified: 
09/10/2008
Description:  
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.

CVE-1999-1239

Severity: 
Medium
Publication date: 
07/13/1994
Last modified: 
12/18/2017
Description:  
HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so.

Pages