Filtered by vendor Microsoft
Subscribe
Total
19158 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0504 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 7.5 HIGH | N/A |
| A Windows NT local user or administrator account has a default, null, blank, or missing password. | |||||
| CVE-2002-0366 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry. | |||||
| CVE-1999-0576 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.5 HIGH | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. | |||||
| CVE-2002-0056 | 1 Microsoft | 1 Sql Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection. | |||||
| CVE-1999-0877 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 4.3 MEDIUM | N/A |
| Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | |||||
| CVE-1999-0253 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. | |||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 10.0 HIGH | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | |||||
| CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | |||||
| CVE-2003-0822 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. | |||||
| CVE-2001-0665 | 1 Microsoft | 1 Ie | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability." | |||||
| CVE-2001-0153 | 1 Microsoft | 2 Visual Basic, Visual Studio | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-0269 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | |||||
| CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2023-12-10 | 2.6 LOW | N/A |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | |||||
| CVE-1999-0755 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | |||||
| CVE-2000-0756 | 1 Microsoft | 1 Outlook | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service. | |||||
| CVE-1999-0274 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. | |||||
| CVE-2000-0088 | 1 Microsoft | 4 Office, Office Converter Pack, Powerpoint and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | |||||
| CVE-2003-0812 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API. | |||||
| CVE-2001-0005 | 1 Microsoft | 1 Powerpoint | 2023-12-10 | 6.2 MEDIUM | N/A |
| Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands. | |||||
| CVE-2004-0727 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability." | |||||