Export limit exceeded: 24978 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0981 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
CVE-1999-0987 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
CVE-1999-0989 1 Microsoft 1 Ie 2026-04-16 N/A
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.
CVE-1999-0993 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
CVE-1999-0994 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
CVE-1999-0995 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
CVE-1999-0999 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-1999-1011 1 Microsoft 4 Data Access Components, Index Server, Internet Information Server and 1 more 2026-04-16 N/A
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
CVE-1999-1016 2 Microsoft, Qualcomm 4 Frontpage, Internet Explorer, Outlook Express and 1 more 2026-04-16 N/A
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
CVE-1999-1033 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
CVE-1999-1035 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
CVE-1999-1043 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
CVE-1999-1052 1 Microsoft 1 Frontpage 2026-04-16 N/A
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
CVE-1999-1055 1 Microsoft 1 Excel 2026-04-16 N/A
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
CVE-1999-1084 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
CVE-1999-1087 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
CVE-1999-1093 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
CVE-1999-1094 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
CVE-1999-1097 1 Microsoft 1 Netmeeting 2026-04-16 N/A
Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty.
CVE-1999-1104 1 Microsoft 1 Windows 95 2026-04-16 N/A
Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.