Search Results (24931 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0717 3 Linux, Microsoft, Opera 3 Linux Kernel, Windows, Opera Browser 2026-04-16 N/A
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2003-0906 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
CVE-2002-0370 5 Allume Systems Division, Ibm, Microsoft and 2 more 7 Stuffit Expander, Lotus Notes, Windows 98 Plus Pack and 4 more 2026-04-16 N/A
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
CVE-2000-0070 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
CVE-2006-3449 1 Microsoft 1 Powerpoint 2026-04-16 N/A
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability."
CVE-2005-1979 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.
CVE-2002-0726 1 Microsoft 1 Tsac Activex Control 2026-04-16 N/A
Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field.
CVE-2005-3644 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.
CVE-2003-1305 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page.
CVE-2000-0404 1 Microsoft 5 Terminal Server, Windows 2000, Windows 95 and 2 more 2026-04-16 N/A
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
CVE-2001-0344 1 Microsoft 1 Sql Server 2026-04-16 N/A
An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.
CVE-2003-1306 1 Microsoft 1 Urlscan 2026-04-16 N/A
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response.
CVE-2003-1326 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."
CVE-2003-0817 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
CVE-2003-0809 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.
CVE-2002-0500 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.
CVE-2003-0666 1 Microsoft 1 Wordperfect Converter 2026-04-16 N/A
Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file.
CVE-2003-0531 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability.
CVE-2000-0329 1 Microsoft 4 Ie, Internet Explorer, Outlook and 1 more 2026-04-16 N/A
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
CVE-2003-1357 2 Microsoft, Replicom 2 Windows Nt, Proxyview 2026-04-16 N/A
ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access.