Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Nt
Subscriptions
Total
286 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2073 | 1 Microsoft | 3 Site Server, Site Server Commerce, Windows Nt | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp. | ||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2025-04-03 | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | ||||
| CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | ||||
| CVE-2000-0121 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability. | ||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | ||||
| CVE-1999-0535 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. | ||||
| CVE-1999-0572 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. | ||||
| CVE-1999-0582 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. | ||||
| CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2025-04-03 | N/A |
| A system does not present an appropriate legal message or warning to a user who is accessing it. | ||||
| CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | ||||
| CVE-1999-0715 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. | ||||
| CVE-1999-0726 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | ||||
| CVE-1999-0819 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | ||||
| CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2025-04-03 | N/A |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | ||||
| CVE-2000-0673 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | ||||
| CVE-2001-0543 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. | ||||
| CVE-2002-0391 | 5 Freebsd, Microsoft, Openbsd and 2 more | 9 Freebsd, Windows 2000, Windows Nt and 6 more | 2025-04-03 | 9.8 Critical |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||||
| CVE-2002-0862 | 2 Apple, Microsoft | 10 Macos, Internet Explorer, Office and 7 more | 2025-04-03 | N/A |
| The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. | ||||
| CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | N/A |
| Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | ||||
| CVE-1999-1127 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 High |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | ||||