Export limit exceeded: 24914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1696 | 2 Microsoft, Pgp | 2 Outlook, Personal Privacy | 2026-04-16 | 5.5 Medium |
| Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message. | ||||
| CVE-2002-1688 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button. | ||||
| CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | ||||
| CVE-2002-1973 | 2 Microsoft, Working Resources Inc. | 2 Foundation Class Library, Badblue | 2026-04-16 | N/A |
| Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error. | ||||
| CVE-1999-1316 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | ||||
| CVE-2002-2100 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content. | ||||
| CVE-2002-2101 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag. | ||||
| CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | ||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | ||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2026-04-16 | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | ||||
| CVE-2003-0011 | 1 Microsoft | 1 Isa Server | 2026-04-16 | N/A |
| Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | ||||
| CVE-2003-0117 | 1 Microsoft | 1 Biztalk Server | 2026-04-16 | N/A |
| Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver. | ||||
| CVE-2003-0118 | 1 Microsoft | 1 Biztalk Server | 2026-04-16 | N/A |
| SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement. | ||||
| CVE-1999-1453 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | ||||
| CVE-2003-0530 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0531 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. | ||||
| CVE-2003-0532 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. | ||||
| CVE-2005-2087 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem. | ||||
| CVE-2002-0618 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | ||||
| CVE-2003-0807 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. | ||||