Filtered by vendor Microsoft Subscriptions
Total 24964 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2000-0325 1 Microsoft 1 Jet 2026-04-16 N/A
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
CVE-2000-0330 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
CVE-2000-0347 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
CVE-2000-0377 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
CVE-2000-0256 1 Microsoft 3 Frontpage, Personal Web Server, Windows Nt 2026-04-16 N/A
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
CVE-2006-3472 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-3427 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference.
CVE-2000-0201 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking.
CVE-2001-1410 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering.
CVE-2002-0422 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header.
CVE-2006-3014 1 Microsoft 1 Excel 2026-04-16 N/A
Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.
CVE-2000-0226 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
CVE-1999-0258 1 Microsoft 2 Windows 95, Windows Nt 2026-04-16 N/A
Bonk variation of teardrop IP fragmentation denial of service.
CVE-1999-0331 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in Internet Explorer 4.0(1).
CVE-2004-2091 1 Microsoft 1 Baseline Security Analyzer 2026-04-16 N/A
Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.
CVE-2006-2312 2 Microsoft, Skype 2 Windows, Skype 2026-04-16 N/A
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2026-04-16 N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2000-0168 1 Microsoft 3 Windows 95, Windows 98, Windows 98se 2026-04-16 N/A
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.
CVE-2000-0153 1 Microsoft 2 Frontpage, Personal Web Server 2026-04-16 N/A
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-2000-0121 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.