Search Results (18973 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0328 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
CVE-2000-0495 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
CVE-2005-3945 1 Microsoft 2 Windows 2000, Windows 2003 Server 2026-04-16 N/A
The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups.
CVE-2000-0849 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
CVE-2004-1080 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Nt 2026-04-16 N/A
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
CVE-2004-0978 1 Microsoft 7 Internet Explorer, Windows 2000, Windows 98se and 4 more 2026-04-16 N/A
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
CVE-2002-0340 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.
CVE-2004-0893 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
CVE-2004-0839 3 Avaya, Microsoft, Nortel 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more 2026-04-16 N/A
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
CVE-2000-0737 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
CVE-2001-1571 1 Microsoft 1 Windows Xp 2026-04-16 N/A
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
CVE-2001-1552 1 Microsoft 1 Windows Me 2026-04-16 N/A
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
CVE-2001-1570 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.
CVE-2006-3146 2 Microsoft, Toshiba 2 Windows, Bluetooth Stack 2026-04-16 N/A
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23.
CVE-2002-1670 1 Microsoft 2 Internet Explorer, Windows Xp 2026-04-16 N/A
Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched.
CVE-2002-0051 1 Microsoft 1 Windows 2000 2026-04-16 7.8 High
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.
CVE-2002-0034 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.
CVE-2004-0209 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
CVE-2004-0208 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.
CVE-2003-0004 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.