Search Results (24974 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0777 1 Microsoft 2 Commercial Internet System, Internet Information Server 2026-04-16 N/A
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVE-1999-0793 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
CVE-1999-0391 1 Microsoft 3 Terminal Server, Windows 2000, Windows Nt 2026-04-16 N/A
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
CVE-1999-0179 1 Microsoft 2 Windows 95, Windows Nt 2026-04-16 N/A
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.
CVE-1999-0227 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.
CVE-1999-0249 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
CVE-1999-0258 1 Microsoft 2 Windows 95, Windows Nt 2026-04-16 N/A
Bonk variation of teardrop IP fragmentation denial of service.
CVE-1999-0281 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Denial of service in IIS using long URLs.
CVE-1999-0288 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
CVE-1999-0344 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NT users can gain debug-level access on a system process using the Sechole exploit.
CVE-1999-0347 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.
CVE-2003-0112 1 Microsoft 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more 2026-04-16 N/A
Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.
CVE-1999-0348 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0364 2 Fms Inc., Microsoft 2 Total Vb Sourcebook, Access 2026-04-16 N/A
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
CVE-1999-0154 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
CVE-1999-0077 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Predictable TCP sequence numbers allow spoofing.
CVE-2003-0011 1 Microsoft 1 Isa Server 2026-04-16 N/A
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.
CVE-2003-0010 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more 2026-04-16 N/A
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
CVE-2004-0719 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2004-0728 1 Microsoft 1 Systems Management Server 2026-04-16 N/A
The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address.