Export limit exceeded: 351443 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18287 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0242 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. | ||||
| CVE-1999-1132 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | ||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2026-04-16 | N/A |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. | ||||
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | ||||
| CVE-2004-0211 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-16 | N/A |
| The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program. | ||||
| CVE-2001-0241 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | ||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2026-04-16 | N/A |
| Teardrop IP denial of service. | ||||
| CVE-1999-0576 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. | ||||
| CVE-2004-0209 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||||
| CVE-1999-0357 | 1 Microsoft | 1 Windows 98 | 2026-04-16 | N/A |
| Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | ||||
| CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| NETBIOS share information may be published through SNMP registry keys in NT. | ||||
| CVE-2004-1305 | 2 Microsoft, Nortel | 19 Windows 2000, Windows 2003 Server, Windows 98 and 16 more | 2026-04-16 | N/A |
| The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. | ||||
| CVE-2004-0208 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | ||||
| CVE-2006-3209 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation | ||||
| CVE-2000-0495 | 1 Microsoft | 1 Windows Media Services | 2026-04-16 | N/A |
| Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability. | ||||
| CVE-2001-0237 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. | ||||
| CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | ||||
| CVE-2004-0214 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 98 and 2 more | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | ||||
| CVE-1999-1127 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 7.5 High |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | ||||
| CVE-2001-0006 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 7.1 High |
| The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability. | ||||