Filtered by vendor Microsoft
Subscriptions
Total
23185 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0815 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | ||||
| CVE-2001-0246 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-1999-0802 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. | ||||
| CVE-2001-1571 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing. | ||||
| CVE-2000-0089 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | ||||
| CVE-2003-0011 | 1 Microsoft | 1 Isa Server | 2025-04-03 | N/A |
| Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | ||||
| CVE-2001-1570 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out. | ||||
| CVE-2002-0020 | 1 Microsoft | 2 Interix, Windows 2000 | 2025-04-03 | N/A |
| Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. | ||||
| CVE-2002-0021 | 1 Microsoft | 1 Office | 2025-04-03 | N/A |
| Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement. | ||||
| CVE-2002-0618 | 1 Microsoft | 2 Excel, Office | 2025-04-03 | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | ||||
| CVE-2000-1149 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | ||||
| CVE-2002-0696 | 1 Microsoft | 1 Visual Foxpro | 2025-04-03 | N/A |
| Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames. | ||||
| CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2025-04-03 | N/A |
| Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | ||||
| CVE-2002-1138 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | N/A |
| Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs." | ||||
| CVE-2002-1698 | 1 Microsoft | 1 Msn Messenger | 2025-04-03 | N/A |
| Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. | ||||
| CVE-2002-1984 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046". | ||||
| CVE-2003-0117 | 1 Microsoft | 1 Biztalk Server | 2025-04-03 | N/A |
| Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver. | ||||
| CVE-2004-0209 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | ||||
| CVE-2004-0200 | 1 Microsoft | 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more | 2025-04-03 | N/A |
| Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | ||||
| CVE-2004-0123 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | N/A |
| Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||