Export limit exceeded: 363118 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 24931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24931 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0328 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
CVE-2000-0330 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
CVE-2000-0415 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
CVE-2000-0777 1 Microsoft 1 Money 2026-04-16 N/A
The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
CVE-2001-0660 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL).
CVE-2001-0662 1 Microsoft 1 Windows Nt 2026-04-16 N/A
RPC endpoint mapper in Windows NT 4.0 allows remote attackers to cause a denial of service (loss of RPC services) via a malformed request.
CVE-2001-0663 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.
CVE-2001-0727 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."
CVE-1999-0349 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
CVE-2000-0153 1 Microsoft 2 Frontpage, Personal Web Server 2026-04-16 N/A
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-2002-0052 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files.
CVE-2002-0373 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service".
CVE-2001-0153 1 Microsoft 2 Visual Basic, Visual Studio 2026-04-16 N/A
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
CVE-2002-0721 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
CVE-2006-3511 1 Microsoft 2 Internet Explorer, Windows Xp 2026-04-16 N/A
Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference.
CVE-2006-3648 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception."
CVE-2002-1183 1 Microsoft 3 Windows 98, Windows 98se, Windows Nt 2026-04-16 N/A
Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).
CVE-2002-1185 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure."
CVE-2002-1717 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf.
CVE-2006-1191 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.