Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 2000
Total 632 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2022-12-14 7.1 HIGH N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-1999-0505 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.2 HIGH N/A
A Windows NT domain user or administrator account has a guessable password.
CVE-1999-0582 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 5.0 MEDIUM N/A
A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 4.6 MEDIUM N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-1999-0249 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.2 HIGH N/A
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
CVE-1999-0506 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.2 HIGH N/A
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
CVE-1999-0511 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.5 HIGH N/A
IP forwarding is enabled on a machine which is not a router or firewall.
CVE-1999-0499 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.5 HIGH N/A
NETBIOS share information may be published through SNMP registry keys in NT.
CVE-1999-0585 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 2.1 LOW N/A
A Windows NT administrator account has the default name of Administrator.
CVE-1999-0612 2 Gnu, Microsoft 4 Finger Service, Fingerd, Windows 2000 and 1 more 2022-08-17 0.0 LOW N/A
A version of finger is running that exposes valid user information to any entity on the network.
CVE-1999-0535 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 10.0 HIGH N/A
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
CVE-1999-0503 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.2 HIGH N/A
A Windows NT local user or administrator account has a guessable password.
CVE-1999-0519 1 Microsoft 4 Outlook, Windows 2000, Windows 95 and 1 more 2022-08-17 7.5 HIGH N/A
A NETBIOS/SMB share password is the default, null, or missing.
CVE-1999-0504 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-17 7.5 HIGH N/A
A Windows NT local user or administrator account has a default, null, blank, or missing password.
CVE-1999-0595 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-16 2.1 LOW N/A
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
CVE-1999-0391 1 Microsoft 3 Terminal Server, Windows 2000, Windows Nt 2022-08-16 7.5 HIGH N/A
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
CVE-1999-0572 1 Microsoft 2 Windows 2000, Windows Nt 2022-08-16 9.3 HIGH N/A
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
CVE-1999-0590 3 Apple, Linux, Microsoft 6 Macos, Linux Kernel, Windows 2000 and 3 more 2022-08-16 10.0 HIGH N/A
A system does not present an appropriate legal message or warning to a user who is accessing it.
CVE-2007-1751 1 Microsoft 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more 2022-02-28 9.3 HIGH N/A
Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability."
CVE-2008-4250 1 Microsoft 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more 2022-02-09 10.0 HIGH N/A
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."