ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Total
23788 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0302 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL. | ||||
| CVE-2000-0325 | 1 Microsoft | 1 Jet | 2026-04-16 | N/A |
| The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. | ||||
| CVE-2000-0331 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. | ||||
| CVE-2000-0402 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | ||||
| CVE-2000-0403 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | ||||
| CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2026-04-16 | N/A |
| The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | ||||
| CVE-2000-0457 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability. | ||||
| CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2026-04-16 | N/A |
| Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | ||||
| CVE-1999-0917 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. | ||||
| CVE-1999-0980 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. | ||||
| CVE-1999-0981 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." | ||||
| CVE-1999-0993 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. | ||||
| CVE-1999-1033 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | ||||
| CVE-1999-0910 | 1 Microsoft | 3 Commercial Internet System, Site Server, Site Server Commerce | 2026-04-16 | N/A |
| Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | ||||
| CVE-1999-0909 | 1 Microsoft | 4 Terminal Server, Windows 95, Windows 98se and 1 more | 2026-04-16 | N/A |
| Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. | ||||
| CVE-2002-0422 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header. | ||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2026-04-16 | N/A |
| Land IP denial of service. | ||||
| CVE-1999-0233 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | ||||
| CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | ||||
| CVE-1999-0294 | 1 Microsoft | 1 Wins | 2026-04-16 | N/A |
| All records in a WINS database can be deleted through SNMP for a denial of service. | ||||