Export limit exceeded: 24926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 24926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0208 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.
CVE-2004-0206 1 Microsoft 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more 2026-04-16 N/A
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
CVE-2002-0391 5 Freebsd, Microsoft, Openbsd and 2 more 9 Freebsd, Windows 2000, Windows Nt and 6 more 2026-04-16 9.8 Critical
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVE-2006-3431 1 Microsoft 1 Excel 2026-04-16 N/A
Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the "Style" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.
CVE-2000-0503 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
CVE-2003-0719 1 Microsoft 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more 2026-04-16 N/A
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
CVE-2000-0475 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
CVE-2003-0715 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
CVE-2000-0311 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.
CVE-1999-0496 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
CVE-2000-0266 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.
CVE-2005-4868 2 Ibm, Microsoft 2 Db2 Universal Database, Windows 2026-04-16 7.1 High
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
CVE-2003-0604 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
CVE-2000-0216 1 Microsoft 3 Exchange Server, Outlook, Windows Messaging 2026-04-16 N/A
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
CVE-2006-3591 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference.
CVE-2002-1339 1 Microsoft 1 Office Web Components 2026-04-16 N/A
The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.
CVE-2006-3658 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.
CVE-2000-0200 1 Microsoft 3 Clip Art, Greetings, Home Publishing 2026-04-16 N/A
Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability.
CVE-2005-2304 1 Microsoft 2 Internet Explorer, Live Messenger 2026-04-16 N/A
Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count.
CVE-1999-0294 1 Microsoft 1 Wins 2026-04-16 N/A
All records in a WINS database can be deleted through SNMP for a denial of service.