Search Results (637 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4868 1 Microsoft 5 Internet Explorer, Outlook, Windows 2000 and 2 more 2026-04-16 N/A
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
CVE-2000-0933 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
CVE-2001-0951 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
CVE-2000-1079 1 Microsoft 4 Windows 2000, Windows 95, Windows 98 and 1 more 2026-04-16 N/A
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
CVE-1999-0153 2 Microsoft, Sco 4 Windows 2000, Windows 95, Windows Nt and 1 more 2026-04-16 N/A
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
CVE-2001-0003 1 Microsoft 4 Office, Windows 2000, Windows Me and 1 more 2026-04-16 N/A
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVE-2001-0014 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.
CVE-2001-0015 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
CVE-2001-0046 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
CVE-1999-0384 1 Microsoft 6 Office, Outlook, Project and 3 more 2026-04-16 N/A
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVE-1999-0499 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
NETBIOS share information may be published through SNMP registry keys in NT.
CVE-1999-0572 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
CVE-1999-0612 2 Gnu, Microsoft 4 Finger Service, Fingerd, Windows 2000 and 1 more 2026-04-16 N/A
A version of finger is running that exposes valid user information to any entity on the network.
CVE-2001-0147 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
CVE-2001-0261 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.
CVE-1999-0721 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
CVE-1999-0726 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
CVE-1999-0755 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
CVE-1999-0819 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
CVE-2001-1560 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.