Filtered by vendor Microsoft
Subscribe
Total
23518 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2123 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. | |||||
| CVE-2004-2307 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A. | |||||
| CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | 2.1 LOW | N/A |
| Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | |||||
| CVE-2006-2371 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." | |||||
| CVE-2001-0659 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet. | |||||
| CVE-2004-0206 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2026-04-16 | 7.5 HIGH | N/A |
| Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow. | |||||
| CVE-2005-1983 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | |||||
| CVE-2006-1186 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | 10.0 HIGH | N/A |
| Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | |||||
| CVE-2005-2307 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | 5.0 MEDIUM | N/A |
| netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability." | |||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2026-04-16 | 7.5 HIGH | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
| CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | |||||
| CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | 7.5 HIGH | N/A |
| The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
| CVE-2003-1484 | 1 Microsoft | 1 Ie | 2026-04-16 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | |||||
| CVE-2006-3605 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference. | |||||
| CVE-1999-0228 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 5.0 MEDIUM | N/A |
| Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. | |||||
| CVE-2002-0369 | 1 Microsoft | 1 .net Framework | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode. | |||||
| CVE-2000-0415 | 1 Microsoft | 2 Outlook, Outlook Express | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||||
| CVE-2003-0530 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2000-0126 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2006-0008 | 1 Microsoft | 3 Office, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.2 HIGH | N/A |
| The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. | |||||