Filtered by vendor Microsoft Subscriptions
Total 24964 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0489 1 Microsoft 1 Windows Nt 2026-04-16 N/A
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
CVE-1999-0549 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT automatically logs in an administrator upon rebooting.
CVE-1999-0575 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.
CVE-1999-0576 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.
CVE-2002-0364 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
CVE-2002-0034 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.
CVE-1999-0233 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
CVE-2001-0341 1 Microsoft 3 Frontpage Server Extensions, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
CVE-2006-1475 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams (ADS) filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the victim does not obtain the alert that Windows Firewall would have produced for a non-ADS file.
CVE-1999-0281 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Denial of service in IIS using long URLs.
CVE-1999-0348 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0503 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT local user or administrator account has a guessable password.
CVE-1999-0518 1 Microsoft 1 Windows 95 2026-04-16 N/A
A NETBIOS/SMB share password is guessable.
CVE-1999-0535 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
CVE-1999-0546 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Windows NT guest account is enabled.
CVE-1999-0578 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
CVE-1999-0590 3 Apple, Linux, Microsoft 6 Macos, Linux Kernel, Windows 2000 and 3 more 2026-04-16 N/A
A system does not present an appropriate legal message or warning to a user who is accessing it.
CVE-1999-0793 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
CVE-1999-0899 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
CVE-1999-1127 1 Microsoft 1 Windows Nt 2026-04-16 7.5 High
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.