Export limit exceeded: 363086 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 24931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24931 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0305 2 Be, Microsoft 6 Beos, Terminal Server, Windows 2000 and 3 more 2026-04-16 N/A
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
CVE-1999-0469 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client.
CVE-1999-1316 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.
CVE-1999-0233 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
CVE-2004-1361 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.
CVE-1999-1538 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
CVE-2004-1043 1 Microsoft 2 Internet Explorer, Windows Xp 2026-04-16 N/A
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability."
CVE-2002-2105 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.
CVE-2000-0073 1 Microsoft 3 Windows 2000, Windows 98, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
CVE-2000-0081 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.
CVE-2001-0149 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
CVE-2006-4888 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT.
CVE-2005-4697 1 Microsoft 1 Windows Xp 2026-04-16 N/A
The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll.
CVE-2003-0344 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
CVE-2004-0200 1 Microsoft 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more 2026-04-16 N/A
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
CVE-2004-2219 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.
CVE-2003-0114 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.
CVE-2005-0555 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability."
CVE-2005-0554 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
CVE-2005-0551 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.