Export limit exceeded: 362976 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19658 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0485 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
CVE-2000-0325 1 Microsoft 1 Jet 2026-04-16 N/A
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
CVE-2006-4495 1 Microsoft 2 Ie, Windows 2003 Server 2026-04-16 N/A
Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll.
CVE-2005-0918 2 Adobe, Microsoft 2 Svg Viewer, Internet Explorer 2026-04-16 N/A
The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not.
CVE-2000-0323 1 Microsoft 1 Jet 2026-04-16 N/A
The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.
CVE-2006-3944 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via a (1) Forms.ListBox.1 or (2) Forms.ListBox.1 object with the ListWidth property set to (a) 0x7fffffff, which triggers an integer overflow exception, or to (b) 0x7ffffffe, which triggers a null dereference.
CVE-2000-0197 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
CVE-2000-0167 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
CVE-2005-0944 1 Microsoft 1 Jet 2026-04-16 N/A
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
CVE-2006-3449 1 Microsoft 1 Powerpoint 2026-04-16 N/A
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability."
CVE-2005-0852 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3.
CVE-2000-0036 1 Microsoft 2 Ie, Outlook Express 2026-04-16 N/A
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
CVE-1999-1581 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.
CVE-1999-1473 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
CVE-1999-1472 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
CVE-2006-3427 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference.
CVE-2005-0563 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc
ript:") in an IMG tag.
CVE-2005-0562 1 Microsoft 1 Msn Messenger 2026-04-16 N/A
GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width.
CVE-2002-1769 1 Microsoft 2 Site Server, Site Server Commerce 2026-04-16 N/A
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
CVE-1999-1446 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.