Search Results (24974 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0545 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length.
CVE-2001-0547 1 Microsoft 1 Isa Server 2026-04-16 N/A
Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion).
CVE-2001-0659 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet.
CVE-2001-0666 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
CVE-2006-2919 1 Microsoft 1 Netmeeting 2026-04-16 N/A
Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via crafted inputs that trigger memory corruption.
CVE-1999-0292 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Denial of service through Winpopup using large user names.
CVE-1999-0499 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
NETBIOS share information may be published through SNMP registry keys in NT.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-2004-0203 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
CVE-2001-0643 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.
CVE-2006-1364 1 Microsoft 1 Asp.net 2026-04-16 N/A
Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote attackers to cause a denial of service (resource consumption or crash) by repeatedly requesting each of several documents that refer to COM components, or are restricted documents located under the ASP.NET application path.
CVE-2006-1476 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is ".exe" (with no characters before the "."), which might allow local user-assisted users to trick a user into unblocking a Trojan horse program, as demonstrated by a malicious ".exe" program in a folder named "Internet Explorer," which triggers a question about whether to unblock the "Internet Explorer" program.
CVE-2006-1302 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
CVE-2004-0723 1 Microsoft 1 Java Virtual Machine 2026-04-16 N/A
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."
CVE-2004-0866 4 Kde, Microsoft, Mozilla and 1 more 5 Konqueror, Ie, Internet Explorer and 2 more 2026-04-16 N/A
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2004-0899 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability."
CVE-2006-1185 2 Canon, Microsoft 3 Network Camera Server Vb101, Ie, Internet Explorer 2026-04-16 N/A
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
CVE-2006-1191 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.
CVE-2006-2094 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control.
CVE-1999-0680 1 Microsoft 1 Terminal Server 2026-04-16 N/A
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.