Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. | |||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | |||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Land IP denial of service. | |||||
| CVE-2003-0227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. | |||||
| CVE-2006-0988 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
| The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | |||||
| CVE-2003-0818 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. | |||||
| CVE-2004-0568 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | |||||
| CVE-2000-0070 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
| NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request." | |||||
| CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | |||||
| CVE-1999-0593 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 4.9 MEDIUM | N/A |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||||
| CVE-2004-0893 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | |||||
| CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. | |||||
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | |||||
| CVE-2000-0089 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
| The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | |||||
| CVE-2004-0900 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
| The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability." | |||||
| CVE-2002-0862 | 2 Apple, Microsoft | 10 Macos, Internet Explorer, Office and 7 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. | |||||
| CVE-2004-0571 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | |||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | 2.1 LOW | N/A |
| BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | |||||
| CVE-1999-0815 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | |||||
| CVE-1999-0256 | 2 Jgaa, Microsoft | 3 Warftpd, Windows 95, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in War FTP allows remote execution of commands. | |||||