| | CVE-1999-0004 | HPE | medium | 5.0 | 3.4%
| | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | Dec 16, 1997 | Apr 16, 2026 |
| | CVE-1999-0016 | Microsoft | medium | 5.0 | 81.0%
| | Land IP denial of service. | Dec 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0967 | Microsoft | critical | 10.0 | 17.9%
| | Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer… | Nov 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0294 | Microsoft | medium | 5.0 | 11.4%
| | All records in a WINS database can be deleted through SNMP for a denial of service. | Oct 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0191 | Microsoft | medium | 6.4 | 62.0%
| | IIS newdsn.exe CGI script allows remote users to overwrite files. | Sep 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0071 | Apache | high | 7.5 | 7.3%
| | Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | Sep 1, 1997 | Apr 16, 2026 |
| | CVE-1999-1446 | Microsoft | low | 2.1 | 0.8%
| | Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located i… | Aug 5, 1997 | Apr 16, 2026 |
| | CVE-1999-0031 | Microsoft | low | 2.6 | 2.9%
| | JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers … | Jul 8, 1997 | Apr 16, 2026 |
| | CVE-1999-0281 | Microsoft | medium | 5.0 | 6.9%
| | Denial of service in IIS using long URLs. | Jun 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0280 | Microsoft | high | 7.5 | 2.8%
| | Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | Apr 1, 1997 | Apr 16, 2026 |
| | CVE-1999-1128 | Microsoft | medium | 5.1 | 6.1%
| | Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands… | Mar 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0253 | Microsoft | high | 7.5 | 3.0%
| | IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP progra… | Jan 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0519 | Microsoft | high | 7.5 | 11.5%
| | A NETBIOS/SMB share password is the default, null, or missing. | Jan 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0236 | Apache | high | 7.5 | 17.6%
| | ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | Jan 1, 1997 | Apr 16, 2026 |
| | CVE-1999-0045 | Apache | high | 7.5 | 32.8%
| | List of arbitrary files on Web host via nph-test-cgi script. | Dec 10, 1996 | Apr 16, 2026 |
| | CVE-1999-0070 | Apache | medium | 5.0 | 85.2%
| | test-cgi program allows an attacker to list files on the server. | Apr 1, 1996 | Apr 16, 2026 |
| | CVE-1999-0067 | Apache | critical | 10.0 | 90.0%
| | phf CGI program allows remote command execution through shell metacharacters. | Mar 20, 1996 | Apr 16, 2026 |
| | CVE-1999-0233 | Microsoft | critical | 10.0 | 30.8%
| | IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | Feb 25, 1996 | Apr 16, 2026 |