Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0044 | 1 Microsoft | 7 Exchange Server, Windows 2000, Windows 2003 Server and 4 more | 2026-04-16 | N/A |
| The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | ||||
| CVE-2005-0045 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields. | ||||
| CVE-2005-3171 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe that the system is compliant with the specified settings. | ||||
| CVE-2002-0022 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. | ||||
| CVE-2005-0047 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." | ||||
| CVE-2005-3177 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed. | ||||
| CVE-2002-0023 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks. | ||||
| CVE-2005-0048 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability." | ||||
| CVE-2002-0024 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download. | ||||
| CVE-2002-0025 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document. | ||||
| CVE-2002-0026 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made. | ||||
| CVE-2002-0027 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. | ||||
| CVE-2002-0028 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request. | ||||
| CVE-2002-0029 | 3 Astaro, Isc, Redhat | 3 Security Linux, Bind, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | ||||
| CVE-2002-0064 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-04-16 | N/A |
| Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. | ||||
| CVE-2002-0065 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-04-16 | N/A |
| Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | ||||
| CVE-2005-0086 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. | ||||
| CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2026-04-16 | N/A |
| Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | ||||
| CVE-2005-0089 | 2 Python, Redhat | 2 Python, Enterprise Linux | 2026-04-16 | N/A |
| The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. | ||||
| CVE-2002-0072 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer. | ||||