Filtered by vendor Microsoft
Subscriptions
Total
23442 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1288 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call. | ||||
| CVE-2002-1293 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. | ||||
| CVE-2001-0244 | 1 Microsoft | 1 Index Server | 2025-04-03 | N/A |
| Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter. | ||||
| CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. | ||||
| CVE-2000-0403 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | ||||
| CVE-1999-0518 | 1 Microsoft | 1 Windows 95 | 2025-04-03 | N/A |
| A NETBIOS/SMB share password is guessable. | ||||
| CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | N/A |
| A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | ||||
| CVE-1999-0891 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. | ||||
| CVE-2003-0117 | 1 Microsoft | 1 Biztalk Server | 2025-04-03 | N/A |
| Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver. | ||||
| CVE-1999-1322 | 2 Broadcom, Microsoft | 3 Arcserve Backup, Inoculan, Exchange Server | 2025-04-03 | N/A |
| The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | ||||
| CVE-1999-0877 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | ||||
| CVE-2001-0149 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. | ||||
| CVE-1999-1360 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | ||||
| CVE-1999-1222 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup. | ||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | ||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | ||||
| CVE-2005-1982 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. | ||||
| CVE-2005-1990 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087. | ||||
| CVE-1999-1472 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | ||||
| CVE-1999-1478 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | ||||