Search Results (24978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0005 1 Microsoft 1 Powerpoint 2026-04-16 N/A
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands.
CVE-2001-0006 1 Microsoft 1 Windows Nt 2026-04-16 7.1 High
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability.
CVE-2001-0014 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.
CVE-2001-0015 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
CVE-2001-0016 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
CVE-2001-0017 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
CVE-2001-0018 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests.
CVE-2001-0045 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities.
CVE-2001-0046 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities.
CVE-2001-0047 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The default permissions for the MTS Package Administration registry key in Windows NT 4.0 allows local users to install or modify arbitrary Microsoft Transaction Server (MTS) packages and gain privileges, aka one of the "Registry Permissions" vulnerabilities.
CVE-2001-0048 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability.
CVE-2000-0885 1 Microsoft 3 Systems Management Server, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
CVE-2000-0886 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
CVE-2000-0929 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
CVE-2000-0933 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
CVE-2000-0942 1 Microsoft 1 Indexing Service 2026-04-16 N/A
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
CVE-2000-0951 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
CVE-2000-0980 1 Microsoft 4 Windows 95, Windows 98, Windows 98se and 1 more 2026-04-16 N/A
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
CVE-2000-0982 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
CVE-2000-0983 1 Microsoft 1 Netmeeting 2026-04-16 N/A
Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability.