Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Nt
Subscriptions
Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | ||||
| CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | ||||
| CVE-2004-1080 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." | ||||
| CVE-2004-0124 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." | ||||
| CVE-2000-0328 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. | ||||
| CVE-2004-1049 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | ||||
| CVE-2004-0978 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 98se and 4 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter. | ||||
| CVE-2003-1357 | 2 Microsoft, Replicom | 2 Windows Nt, Proxyview | 2026-04-16 | N/A |
| ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. | ||||
| CVE-2004-0901 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2026-04-16 | N/A |
| Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Font Conversion Vulnerability," a different vulnerability than CVE-2004-0571. | ||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | ||||
| CVE-2004-0899 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability." | ||||
| CVE-2001-0017 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability. | ||||
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | ||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | ||||
| CVE-2005-2150 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog. | ||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2026-04-16 | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | ||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | ||||
| CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | ||||
| CVE-2004-0571 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2026-04-16 | N/A |
| Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | ||||
| CVE-1999-0179 | 1 Microsoft | 2 Windows 95, Windows Nt | 2026-04-16 | N/A |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. | ||||