Windows Xp

windows_xp

Vendor: Microsoft • 739 CVEs

CVEs (739)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-0724 1Microsoft 3Windows 2000 Windows NtWindows Xp Apr 16, 2026 Sep 24, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (...Show more Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".Show less
CVE-2002-0391 4Freebsd MicrosoftOpenbsd+1 more 7Freebsd OpenbsdSolaris+4 more Apr 16, 2026 Aug 12, 2002 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large num...Show more Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.Show less
CVE-2002-0366 1Microsoft 3Windows 2000 Windows NtWindows Xp Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a...Show more Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.Show less
CVE-2002-0283 1Microsoft 1Windows Xp Apr 16, 2026 May 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data.
CVE-2002-0151 1Microsoft 3Windows 2000 Windows NtWindows Xp Apr 16, 2026 Apr 4, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
CVE-2002-0057 1Microsoft 4Internet Explorer Sql ServerWindows Xp+1 more Apr 16, 2026 Mar 8, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
CVE-2002-0055 1Microsoft 3Exchange Server Windows 2000Windows Xp Apr 16, 2026 Mar 8, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
CVE-2002-0053 1Microsoft 6Windows 2000 Windows 95Windows 98+3 more Apr 16, 2026 Mar 8, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request....Show more Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.Show less
CVE-2001-1571 1Microsoft 1Windows Xp Apr 16, 2026 Dec 31, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
CVE-2001-1570 1Microsoft 1Windows Xp Apr 16, 2026 Dec 31, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be loc...Show more Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.Show less
CVE-2001-1560 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Dec 31, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.
CVE-2001-0879 1Microsoft 4Sql Server Windows 2000Windows Nt+1 more Apr 16, 2026 Dec 20, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVE-2001-0877 1Microsoft 4Windows 98 Windows 98seWindows Me+1 more Apr 16, 2026 Dec 20, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine t...Show more Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system.Show less
CVE-2001-0876 1Microsoft 4Windows 98 Windows 98seWindows Me+1 more Apr 16, 2026 Dec 20, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
CVE-2001-1200 1Microsoft 1Windows Xp Apr 16, 2026 Dec 17, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-2001-0860 1Microsoft 2Windows 2000 Windows Xp Apr 16, 2026 Dec 6, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP ad...Show more Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).Show less
CVE-2001-0721 1Microsoft 4Windows 98 Windows 98seWindows Me+1 more Apr 16, 2026 Dec 6, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
CVE-2001-0909 1Microsoft 1Windows Xp Apr 16, 2026 Nov 21, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
CVE-2000-1218 1Microsoft 5Windows 2000 Windows 98Windows 98se+2 more Apr 16, 2026 Apr 14, 2000 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query,...Show more The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.Show less

Previous 1...33 34 35 3637