Export limit exceeded: 18287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18287 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. | ||||
| CVE-2006-1626 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192. | ||||
| CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | ||||
| CVE-1999-0886 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | ||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | ||||
| CVE-2002-2117 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP). | ||||
| CVE-2000-0834 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. | ||||
| CVE-1999-1581 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded. | ||||
| CVE-2002-2077 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter context" request, which may allow remote attackers to obtain sensitive information by sniffing the session. | ||||
| CVE-1999-0224 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in Windows NT messenger service through a long username. | ||||
| CVE-2002-0224 | 1 Microsoft | 3 Internet Information Services, Sql Server, Windows 2000 | 2026-04-16 | N/A |
| The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. | ||||
| CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | ||||
| CVE-2006-1475 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the victim does not obtain the alert that Windows Firewall would have produced for a non-ADS file. | ||||
| CVE-2000-0790 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows 98se | 2026-04-16 | N/A |
| The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. | ||||
| CVE-2005-1935 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue. | ||||
| CVE-1999-0505 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT domain user or administrator account has a guessable password. | ||||
| CVE-2002-1933 | 1 Microsoft | 1 Windows 2000 Terminal Services | 2026-04-16 | N/A |
| The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. | ||||
| CVE-2002-1932 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection. | ||||
| CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | ||||
| CVE-1999-0824 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | ||||