Export limit exceeded: 19402 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19402 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1365 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
CVE-1999-1364 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
CVE-1999-1363 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
CVE-1999-1361 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.
CVE-2005-2119 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an incorrect size value that is provided to the NdrAllocate function, which writes management data to memory outside of the allocated buffer.
CVE-2002-0863 1 Microsoft 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more 2026-04-16 N/A
Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."
CVE-2005-3177 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed.
CVE-1999-1222 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
CVE-1999-1217 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
CVE-2002-0823 1 Microsoft 2 Windows 2000, Windows Help 2026-04-16 N/A
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
CVE-1999-1201 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.
CVE-2001-1200 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-2002-0020 1 Microsoft 2 Interix, Windows 2000 2026-04-16 N/A
Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.
CVE-1999-1157 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
CVE-2004-0474 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.
CVE-1999-1084 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
CVE-2001-1451 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.
CVE-2002-0699 1 Microsoft 6 Windows 2000, Windows 98, Windows 98se and 3 more 2026-04-16 N/A
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
CVE-2001-1552 1 Microsoft 1 Windows Me 2026-04-16 N/A
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
CVE-2005-0954 1 Microsoft 3 Internet Explorer, Windows Explorer, Windows Xp 2026-04-16 N/A
Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file.