Export limit exceeded: 23766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23766 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | ||||
| CVE-1999-0364 | 2 Fms Inc., Microsoft | 2 Total Vb Sourcebook, Access | 2026-04-16 | N/A |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. | ||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | ||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | ||||
| CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | ||||
| CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | ||||
| CVE-2000-0771 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability. | ||||
| CVE-1999-0379 | 1 Microsoft | 1 Backoffice Resource Kit | 2026-04-16 | N/A |
| Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. | ||||
| CVE-2000-0071 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | ||||
| CVE-1999-0382 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. | ||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | ||||
| CVE-1999-0384 | 1 Microsoft | 6 Office, Outlook, Project and 3 more | 2026-04-16 | N/A |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | ||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | ||||
| CVE-1999-0391 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. | ||||
| CVE-2000-0777 | 1 Microsoft | 1 Money | 2026-04-16 | N/A |
| The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability. | ||||
| CVE-2006-3351 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | ||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | ||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | ||||
| CVE-2000-0768 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2026-04-16 | N/A |
| Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||