VYPR

Windows Nt

by Microsoft

CVEs (279)

  • CVE-1999-0723Jun 23, 1999
    risk 0.01cvss epss 0.08

    The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

  • CVE-1999-0489May 17, 1999
    risk 0.01cvss epss 0.12

    MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.

  • CVE-1999-0444Apr 12, 1999
    risk 0.01cvss epss 0.16

    Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

  • CVE-1999-1254Mar 8, 1999
    risk 0.01cvss epss 0.13

    Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.

  • CVE-1999-0285Jan 1, 1999
    risk 0.01cvss epss 0.07

    Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

  • CVE-1999-0581Jan 1, 1999
    risk 0.01cvss epss 0.07

    The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.

  • CVE-1999-1291Oct 5, 1998
    risk 0.01cvss epss 0.13

    TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to…

  • CVE-1999-0969Sep 29, 1998
    risk 0.01cvss epss 0.13

    The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.

  • CVE-1999-1361May 9, 1998
    risk 0.01cvss epss 0.09

    Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.

  • CVE-1999-0225Feb 14, 1998
    risk 0.01cvss epss 0.19

    Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.

  • CVE-1999-0104Dec 16, 1997
    risk 0.01cvss epss 0.09

    A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

  • CVE-1999-1463Jul 10, 1997
    risk 0.01cvss epss 0.16

    Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.

  • CVE-1999-0074Jul 1, 1997
    risk 0.01cvss epss 0.08

    Listening TCP ports are sequentially allocated, allowing spoofing attacks.

  • CVE-1999-0582Jan 1, 1997
    risk 0.01cvss epss 0.06

    A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

  • CVE-1999-0249Jan 1, 1997
    risk 0.01cvss epss 0.07

    Windows NT RSHSVC program allows remote users to execute arbitrary commands.

  • CVE-2026-20922Jan 13, 2026
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

  • CVE-2025-55335Oct 14, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

  • CVE-2025-50158Aug 12, 2025
    risk 0.00cvss epss 0.00

    Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally.

  • CVE-2025-21197Apr 8, 2025
    risk 0.00cvss epss 0.03

    Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

  • CVE-2025-24992Mar 11, 2025
    risk 0.00cvss epss 0.01

    Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

Page 10 of 14