Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 95
Total 57 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-7031 1 Microsoft 10 Internet Explorer, Windows 2000, Windows 2003 Server and 7 more 2023-12-15 5.0 MEDIUM N/A
Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.
CVE-2003-1569 2 Goahead, Microsoft 4 Goahead Webserver, Windows 95, Windows 98 and 1 more 2023-12-10 5.0 MEDIUM N/A
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.
CVE-1999-1593 1 Microsoft 3 Windows 2000, Windows 95, Windows 98 2023-12-10 7.6 HIGH N/A
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
CVE-2007-3958 1 Microsoft 8 Internet Explorer, Windows 2000, Windows 95 and 5 more 2023-12-10 7.1 HIGH N/A
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif.
CVE-2007-1043 9 Apple, Ezboo, Hp and 6 more 18 Mac Os X, Webstats, Hp-ux and 15 more 2023-12-10 7.5 HIGH N/A
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
CVE-2007-2186 2 Foxit, Microsoft 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more 2023-12-10 5.0 MEDIUM N/A
Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
CVE-2006-7039 2 Atrium Software, Microsoft 9 Mercur Messaging 2005, Windows 2000, Windows 2003 Server and 6 more 2023-12-10 5.0 MEDIUM N/A
The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field.
CVE-2007-1898 8 Apple, Hp, Jetbox and 5 more 16 Mac Os X, Hp-ux, Tru64 and 13 more 2023-12-10 5.8 MEDIUM N/A
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
CVE-2007-2736 9 Achievo, Apple, Hp and 6 more 18 Achievo, A Ux, Mac Os X and 15 more 2023-12-10 10.0 HIGH N/A
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
CVE-2006-6261 2 Microsoft, Quinnware 7 Windows 2000, Windows 95, Windows 98 and 4 more 2023-12-10 9.3 HIGH N/A
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
CVE-2006-7034 9 Apple, Hp, Ibm and 6 more 18 Mac Os X, Hp-ux, Tru64 and 15 more 2023-12-10 7.5 HIGH N/A
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.
CVE-2006-7037 2 Mathsoft, Microsoft 9 Mathcad, Windows 2000, Windows 2003 Server and 6 more 2023-12-10 4.4 MEDIUM N/A
Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext.
CVE-2005-2388 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 95 and 4 more 2023-12-10 7.2 HIGH N/A
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
CVE-1999-1291 1 Microsoft 2 Windows 95, Windows Nt 2023-12-10 5.0 MEDIUM N/A
TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.
CVE-2002-1325 1 Microsoft 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more 2023-12-10 5.0 MEDIUM N/A
Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."
CVE-2000-0155 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2023-12-10 7.2 HIGH N/A
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive.
CVE-1999-0387 1 Microsoft 2 Windows 95, Windows 98 2023-12-10 7.8 HIGH N/A
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
CVE-1999-0256 2 Jgaa, Microsoft 3 Warftpd, Windows 95, Windows Nt 2023-12-10 7.5 HIGH N/A
Buffer overflow in War FTP allows remote execution of commands.
CVE-2000-0168 1 Microsoft 3 Windows 95, Windows 98, Windows 98se 2023-12-10 5.0 MEDIUM N/A
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.
CVE-2000-0305 2 Be, Microsoft 6 Beos, Terminal Server, Windows 2000 and 3 more 2023-12-10 7.8 HIGH N/A
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.