Export limit exceeded: 24910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24910 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | ||||
| CVE-2002-2164 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. | ||||
| CVE-1999-0012 | 2 Microsoft, Netscape | 5 Frontpage, Internet Information Server, Personal Web Server and 2 more | 2026-04-16 | 7 High |
| Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | ||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2026-04-16 | N/A |
| Teardrop IP denial of service. | ||||
| CVE-1999-0140 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in RAS/PPTP on NT systems. | ||||
| CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2026-04-16 | N/A |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | ||||
| CVE-1999-0191 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS newdsn.exe CGI script allows remote users to overwrite files. | ||||
| CVE-1999-0249 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Windows NT RSHSVC program allows remote users to execute arbitrary commands. | ||||
| CVE-1999-0280 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | ||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | ||||
| CVE-1999-0289 | 2 Apache, Microsoft | 2 Http Server, Windows | 2026-04-16 | N/A |
| The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. | ||||
| CVE-2002-0862 | 2 Apple, Microsoft | 10 Macos, Internet Explorer, Office and 7 more | 2026-04-16 | N/A |
| The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. | ||||
| CVE-2002-0869 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | ||||
| CVE-2002-0969 | 2 Microsoft, Oracle | 2 Windows, Mysql | 2026-04-16 | 7.8 High |
| Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | ||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | ||||
| CVE-2002-0980 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL. | ||||
| CVE-2005-2089 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." | ||||
| CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2026-04-16 | N/A |
| Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||||
| CVE-2002-1138 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs." | ||||
| CVE-2002-1140 | 1 Microsoft | 1 Services | 2026-04-16 | N/A |
| The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service." | ||||