Export limit exceeded: 24924 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24924 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0416 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2026-04-16 | N/A |
| The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. | ||||
| CVE-2005-0049 | 1 Microsoft | 2 Sharepoint Portal Server, Sharepoint Team Services | 2026-04-16 | N/A |
| Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache. | ||||
| CVE-2005-0452 | 1 Microsoft | 1 Asp.net | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". | ||||
| CVE-2005-0545 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this issue has been disputed in a followup post. | ||||
| CVE-2005-1829 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other. | ||||
| CVE-2005-0110 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. | ||||
| CVE-2004-1043 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability." | ||||
| CVE-2004-0869 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | ||||
| CVE-2006-1193 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing." | ||||
| CVE-2001-0016 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access. | ||||
| CVE-2004-0569 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. | ||||
| CVE-2000-1139 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | ||||
| CVE-2004-0568 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | ||||
| CVE-2003-1275 | 1 Microsoft | 1 Pocket Ie | 2026-04-16 | N/A |
| Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. | ||||
| CVE-1999-1222 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup. | ||||
| CVE-1999-1316 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | ||||
| CVE-2003-1472 | 2 3d-ftp, Microsoft | 2 3d-ftp, All Windows | 2026-04-16 | N/A |
| Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. | ||||
| CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | ||||
| CVE-2003-0821 | 1 Microsoft | 2 Word, Works | 2026-04-16 | N/A |
| Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | ||||
| CVE-2003-0819 | 1 Microsoft | 1 Proxy Server | 2026-04-16 | N/A |
| Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||