Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-1999-1531

Publication date:
02/11/1999
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0948

Publication date:
02/11/1999
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0949

Publication date:
02/11/1999
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-1517

Publication date:
01/11/1999
runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-1077

Publication date:
01/11/1999
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0854

Publication date:
01/11/1999
Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0827

Publication date:
01/11/1999
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0829

Publication date:
01/11/1999
HP Secure Web Console uses weak encryption.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0830

Publication date:
01/11/1999
Buffer overflow in SCO UnixWare Xsco command via a long argument.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0354

Publication date:
01/11/1999
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-1577

Publication date:
31/10/1999
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0873

Publication date:
30/10/1999
Buffer overflow in Skyfull mail server via MAIL FROM command.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025