ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Total
23788 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0360 | 1 Microsoft | 1 Site Server | 2026-04-16 | N/A |
| MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely. | ||||
| CVE-1999-0384 | 1 Microsoft | 6 Office, Outlook, Project and 3 more | 2026-04-16 | N/A |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | ||||
| CVE-1999-0407 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | ||||
| CVE-1999-0489 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | ||||
| CVE-1999-0503 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT local user or administrator account has a guessable password. | ||||
| CVE-1999-0505 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT domain user or administrator account has a guessable password. | ||||
| CVE-1999-0546 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Windows NT guest account is enabled. | ||||
| CVE-1999-0549 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT automatically logs in an administrator upon rebooting. | ||||
| CVE-1999-0575 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. | ||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | ||||
| CVE-1999-0582 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. | ||||
| CVE-1999-0593 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | ||||
| CVE-1999-0668 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | ||||
| CVE-1999-0715 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. | ||||
| CVE-1999-0717 | 1 Microsoft | 5 Excel, Windows 2000, Windows 95 and 2 more | 2026-04-16 | N/A |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | ||||
| CVE-1999-0739 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | ||||
| CVE-2003-1028 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008. | ||||
| CVE-1999-0819 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | ||||
| CVE-1999-0839 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled. | ||||
| CVE-1999-0858 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server. | ||||