U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Windows
  • Search Type: Search All
  • CPE Name Search: false
There are 11,808 matching records.
Displaying matches 11,761 through 11,780.
Vuln ID Summary CVSS Severity
CVE-1999-0591

An event log in Windows NT has inappropriate access permissions.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0592

The Logon box of a Windows NT system displays the name of the last user who logged in.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0593

The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-1999-0594

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0596

A Windows NT log file has an inappropriate maximum size or retention period.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0597

A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0603

In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0611

A system-critical Windows NT registry key has an inappropriate value.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0664

An application-critical Windows NT registry key has inappropriate permissions.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0665

An application-critical Windows NT registry key has an inappropriate value.

Published: January 01, 1999; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-1289

ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.

Published: November 11, 1998; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1291

TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.

Published: October 05, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0505

A Windows NT domain user or administrator account has a guessable password.

Published: October 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0506

A Windows NT domain user or administrator account has a default, null, blank, or missing password.

Published: October 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0546

The Windows NT guest account is enabled.

Published: October 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-0969

The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.

Published: September 29, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0158

Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.

Published: August 31, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0288

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-1361

Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.

Published: May 09, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-1999-0225

Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.

Published: February 14, 1998; 12:00:00 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM