Export limit exceeded: 361692 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (18973 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1302 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.
CVE-2004-2365 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2026-04-16 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2001-0502 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.
CVE-2001-0373 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
CVE-2001-1515 1 Microsoft 1 Windows 2000 2026-04-16 7.5 High
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
CVE-2005-0904 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe.
CVE-2001-0351 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.
CVE-1999-0382 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
CVE-2001-0348 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
CVE-2001-0261 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.
CVE-2001-0046 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
CVE-2001-0003 1 Microsoft 4 Office, Windows 2000, Windows Me and 1 more 2026-04-16 N/A
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVE-2000-1111 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
CVE-2000-1089 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
CVE-2000-1079 1 Microsoft 4 Windows 2000, Windows 95, Windows 98 and 1 more 2026-04-16 N/A
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
CVE-2000-1034 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
CVE-2000-0673 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.
CVE-2000-0475 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
CVE-2002-0823 1 Microsoft 2 Windows 2000, Windows Help 2026-04-16 N/A
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.