Windows
by Microsoft
CVEs (2,396)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2388 | 0.00 | — | 0.02 | Jul 27, 2005 | Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. | |||
| CVE-2005-0550 | 0.00 | — | 0.02 | May 2, 2005 | Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability". | |||
| CVE-2005-0060 | 0.00 | — | 0.02 | May 2, 2005 | Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. | |||
| CVE-2004-0208 | 0.00 | — | 0.02 | Nov 3, 2004 | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly… | |||
| CVE-2004-0207 | 0.00 | — | 0.02 | Nov 3, 2004 | "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of… | |||
| CVE-2002-2028 | 0.00 | — | 0.02 | Dec 31, 2002 | The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | |||
| CVE-2002-2401 | 0.00 | — | 0.02 | Dec 31, 2002 | NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||
| CVE-2002-1692 | 0.00 | — | 0.02 | Dec 31, 2002 | Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up. | |||
| CVE-2002-0151 | 0.00 | — | 0.04 | Apr 4, 2002 | Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | |||
| CVE-1999-0590 | 0.00 | — | 0.06 | Jun 1, 2000 | A system does not present an appropriate legal message or warning to a user who is accessing it. | |||
| CVE-1999-1104 | 0.00 | — | 0.01 | Dec 31, 1999 | Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | |||
| CVE-1999-0717 | 0.00 | — | 0.06 | May 7, 1999 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | |||
| CVE-1999-0258 | 0.00 | — | 0.06 | Feb 13, 1998 | Bonk variation of teardrop IP fragmentation denial of service. | |||
| CVE-1999-0179 | 0.00 | — | 0.06 | Jan 1, 1997 | Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. | |||
| CVE-1999-0519 | 0.00 | — | 0.06 | Jan 1, 1997 | A NETBIOS/SMB share password is the default, null, or missing. | |||
| CVE-1999-0518 | 0.00 | — | 0.05 | Jan 1, 1997 | A NETBIOS/SMB share password is guessable. |
- CVE-2005-2388Jul 27, 2005risk 0.00cvss —epss 0.02
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
- CVE-2005-0550May 2, 2005risk 0.00cvss —epss 0.02
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
- CVE-2005-0060May 2, 2005risk 0.00cvss —epss 0.02
Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.
- CVE-2004-0208Nov 3, 2004risk 0.00cvss —epss 0.02
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly…
- CVE-2004-0207Nov 3, 2004risk 0.00cvss —epss 0.02
"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of…
- CVE-2002-2028Dec 31, 2002risk 0.00cvss —epss 0.02
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing.
- CVE-2002-2401Dec 31, 2002risk 0.00cvss —epss 0.02
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
- CVE-2002-1692Dec 31, 2002risk 0.00cvss —epss 0.02
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
- CVE-2002-0151Apr 4, 2002risk 0.00cvss —epss 0.04
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
- CVE-1999-0590Jun 1, 2000risk 0.00cvss —epss 0.06
A system does not present an appropriate legal message or warning to a user who is accessing it.
- CVE-1999-1104Dec 31, 1999risk 0.00cvss —epss 0.01
Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.
- CVE-1999-0717May 7, 1999risk 0.00cvss —epss 0.06
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
- CVE-1999-0258Feb 13, 1998risk 0.00cvss —epss 0.06
Bonk variation of teardrop IP fragmentation denial of service.
- CVE-1999-0179Jan 1, 1997risk 0.00cvss —epss 0.06
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.
- CVE-1999-0519Jan 1, 1997risk 0.00cvss —epss 0.06
A NETBIOS/SMB share password is the default, null, or missing.
- CVE-1999-0518Jan 1, 1997risk 0.00cvss —epss 0.05
A NETBIOS/SMB share password is guessable.
Page 120 of 120