Microsoft : Security Vulnerabilities, CVEs, CVSS score between 7 and 7.99
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
Max CVSS
7.2
EPSS Score
0.21%
Published
1997-01-01
Updated
2022-08-17
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Max CVSS
7.5
EPSS Score
1.42%
Published
1997-01-01
Updated
2022-08-17
CVE-1999-0256
Public exploit
Buffer overflow in War FTP allows remote execution of commands.
Max CVSS
7.5
EPSS Score
96.21%
Published
1998-02-01
Updated
2008-09-09
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
Max CVSS
7.5
EPSS Score
0.45%
Published
1997-04-01
Updated
2022-08-17
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
Max CVSS
7.5
EPSS Score
0.46%
Published
1998-01-01
Updated
2022-08-17
Buffer overflow in Internet Explorer 4.0(1).
Max CVSS
7.5
EPSS Score
0.35%
Published
1998-01-01
Updated
2022-08-17
Buffer overflow in NetMeeting allows denial of service and remote command execution.
Max CVSS
7.5
EPSS Score
1.14%
Published
1998-12-01
Updated
2018-08-13
NT users can gain debug-level access on a system process using the Sechole exploit.
Max CVSS
7.2
EPSS Score
0.05%
Published
1998-08-01
Updated
2018-10-12
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.65%
Published
1999-01-27
Updated
2018-10-12
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.
Max CVSS
7.5
EPSS Score
0.28%
Published
1999-11-01
Updated
2021-07-22
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-01-30
Updated
2016-10-18
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
Max CVSS
7.5
EPSS Score
1.00%
Published
1999-02-08
Updated
2018-10-12
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
Max CVSS
7.5
EPSS Score
0.77%
Published
1999-02-22
Updated
2018-10-12
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-03-12
Updated
2018-10-12
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
Max CVSS
7.8
EPSS Score
0.31%
Published
1999-11-29
Updated
2018-10-12
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Max CVSS
7.5
EPSS Score
0.38%
Published
1999-01-05
Updated
2022-08-17
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
Max CVSS
7.5
EPSS Score
0.23%
Published
1999-02-19
Updated
2020-11-23
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
Max CVSS
7.8
EPSS Score
90.13%
Published
1999-01-26
Updated
2008-09-09
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
Max CVSS
7.5
EPSS Score
0.47%
Published
1999-01-26
Updated
2020-11-23
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
Max CVSS
7.5
EPSS Score
1.17%
Published
1999-04-21
Updated
2021-07-22
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
Max CVSS
7.5
EPSS Score
0.99%
Published
1999-04-21
Updated
2021-07-22
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2018-08-13
NETBIOS share information may be published through SNMP registry keys in NT.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-01-01
Updated
2022-08-17
A Windows NT local user or administrator account has a guessable password.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2022-08-17
CVE-1999-0504
Public exploit
A Windows NT local user or administrator account has a default, null, blank, or missing password.
Max CVSS
7.5
EPSS Score
0.55%
Published
1997-01-01
Updated
2022-08-17
4213 vulnerabilities found
1
2
3
4
5
6 ......
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169