Filtered by vendor Microsoft
Subscribe
Total
21808 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0749 | 1 Microsoft | 2 Windows 95, Windows 98 | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. | |||||
| CVE-2001-0149 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. | |||||
| CVE-2006-3439 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314. | |||||
| CVE-2004-0420 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
| The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP. | |||||
| CVE-2001-0151 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. | |||||
| CVE-2005-4089 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.1 HIGH | N/A |
| Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability." | |||||
| CVE-2004-0848 | 1 Microsoft | 6 Office, Powerpoint, Project and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. | |||||
| CVE-1999-0728 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. | |||||
| CVE-2004-0566 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. | |||||
| CVE-2003-0011 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | |||||
| CVE-1999-0560 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
| A system-critical Windows NT file or directory has inappropriate permissions. | |||||
| CVE-2002-1286 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | 7.5 HIGH | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user. | |||||
| CVE-2001-0047 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities. | |||||
| CVE-2000-1061 | 1 Microsoft | 1 Ie | 2025-04-03 | 5.1 MEDIUM | N/A |
| Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | |||||
| CVE-2006-1301 | 1 Microsoft | 2 Excel, Excel Viewer | 2025-04-03 | 9.3 HIGH | N/A |
| Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302. | |||||
| CVE-2006-2378 | 1 Microsoft | 4 Ie, Internet Explorer, Windows 2003 Server and 1 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. | |||||
| CVE-2002-2311 | 2 Microsoft, Opera Software | 2 Internet Explorer, Opera Web Browser | 2025-04-03 | 6.4 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. | |||||
| CVE-2002-0186 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension." | |||||
| CVE-1999-0280 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | |||||
| CVE-2002-0692 | 1 Microsoft | 3 Frontpage Server Extensions, Windows 2000, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request. | |||||