Export limit exceeded: 24978 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0767 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
CVE-2000-0768 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
CVE-2000-0771 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
CVE-2000-0777 1 Microsoft 1 Money 2026-04-16 N/A
The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
CVE-2000-0788 1 Microsoft 2 Access, Word 2026-04-16 N/A
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
CVE-2000-0790 1 Microsoft 3 Windows 2000, Windows 98, Windows 98se 2026-04-16 N/A
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder.
CVE-2000-0817 1 Microsoft 1 Network Monitor 2026-04-16 N/A
Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote attackers to execute arbitrary commands via malformed data, aka the "Netmon Protocol Parsing" vulnerability.
CVE-2000-0830 1 Microsoft 1 Webtv 2026-04-16 N/A
annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705.
CVE-2000-0834 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
CVE-2000-0849 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
CVE-2000-0851 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
CVE-2000-0854 1 Microsoft 1 Office 2026-04-16 N/A
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
CVE-2000-0858 1 Microsoft 2 Internet Information Server, Windows Nt 2026-04-16 N/A
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.
CVE-2000-0415 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
CVE-2000-0416 1 Microsoft 1 Windows 2000 2026-04-16 N/A
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
CVE-2000-0419 1 Microsoft 10 Access, Excel, Frontpage and 7 more 2026-04-16 N/A
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVE-2000-0420 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
CVE-2000-0439 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.
CVE-2000-0464 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.
CVE-2000-0475 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.