Filtered by vendor Microsoft
Subscribe
Total
23465 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4219 | 1 Microsoft | 1 Ie | 2026-04-16 | 7.5 HIGH | N/A |
| The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN. | |||||
| CVE-2001-0501 | 1 Microsoft | 1 Word | 2026-04-16 | 4.6 MEDIUM | N/A |
| Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner. | |||||
| CVE-2002-2028 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2026-04-16 | 2.1 LOW | N/A |
| The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | |||||
| CVE-1999-0344 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 7.2 HIGH | N/A |
| NT users can gain debug-level access on a system process using the Sechole exploit. | |||||
| CVE-2006-2378 | 1 Microsoft | 4 Ie, Internet Explorer, Windows 2003 Server and 1 more | 2026-04-16 | 6.8 MEDIUM | N/A |
| Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. | |||||
| CVE-2002-1188 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 6.4 MEDIUM | N/A |
| Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading." | |||||
| CVE-2000-0662 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED). | |||||
| CVE-2005-1978 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.5 HIGH | N/A |
| COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | |||||
| CVE-2005-0550 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 2.1 LOW | N/A |
| Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability". | |||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | |||||
| CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | 7.8 HIGH | N/A |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
| CVE-2001-0003 | 1 Microsoft | 4 Office, Windows 2000, Windows Me and 1 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | |||||
| CVE-2006-3660 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown impact and user-assisted attack vectors related to powerpnt.exe. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3655, CVE-2006-3656, and CVE-2006-3590, although it is possible that they are all different. | |||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||||
| CVE-2003-0496 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2026-04-16 | 7.2 HIGH | N/A |
| Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. | |||||
| CVE-2004-2339 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.2 HIGH | 8.4 HIGH |
| Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed | |||||
| CVE-2005-0554 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." | |||||
| CVE-1999-0469 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. | |||||
| CVE-2005-1984 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. | |||||
| CVE-2006-2312 | 2 Microsoft, Skype | 2 Windows, Skype | 2026-04-16 | 2.6 LOW | N/A |
| Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches. | |||||