Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-1999-0675

Publication date:

09/08/1999

Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0674

Publication date:

09/08/1999

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0676

Publication date:

09/08/1999

sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0680

Publication date:

09/08/1999

Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0673

Publication date:

08/08/1999

Buffer overflow in ALMail32 POP3 client via From: or To: headers.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0722

Publication date:

08/08/1999

The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-1524

Publication date:

07/08/1999

FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0727

Publication date:

06/08/1999

A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-1999-0682

Publication date:

06/08/1999

Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025