Filtered by vendor Microsoft
Subscribe
Total
23341 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 4.6 MEDIUM | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | |||||
| CVE-2005-2118 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 5.1 MEDIUM | N/A |
| Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | |||||
| CVE-2003-1106 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 5.0 MEDIUM | N/A |
| The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute. | |||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 2.1 LOW | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
| CVE-2003-0666 | 1 Microsoft | 1 Wordperfect Converter | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file. | |||||
| CVE-2000-1082 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | 4.6 MEDIUM | N/A |
| The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2001-0723 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 6.4 MEDIUM | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability." | |||||
| CVE-2002-2380 | 2 Arescom, Microsoft | 2 Netdsl, Network Firmware | 2026-04-16 | 6.4 MEDIUM | N/A |
| NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. | |||||
| CVE-2006-0002 | 1 Microsoft | 3 Exchange Server, Office, Outlook | 2026-04-16 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. | |||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | |||||
| CVE-2005-0061 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2026-04-16 | 7.2 HIGH | N/A |
| The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2002-0020 | 1 Microsoft | 2 Interix, Windows 2000 | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options. | |||||
| CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2026-04-16 | 7.5 HIGH | N/A |
| A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | |||||
| CVE-2006-3655 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different. | |||||
| CVE-1999-0281 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | 5.0 MEDIUM | N/A |
| Denial of service in IIS using long URLs. | |||||
| CVE-2001-0237 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data. | |||||
| CVE-2003-0113 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | |||||
| CVE-2003-0701 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. | |||||