CVSS: 7.5EPSS: 16%CPEs: 3EXPL: 1CVE-2000-0168 – Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service
https://notcve.org/view.php?id=CVE-2000-0168
04 Mar 2000 — Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. • https://www.exploit-db.com/exploits/19799 •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 2CVE-2000-0155 – Microsoft Windows 95/98/NT 4.0 - 'autorun.inf' Code Execution
https://notcve.org/view.php?id=CVE-2000-0155
18 Feb 2000 — Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. • https://www.exploit-db.com/exploits/19754 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 10%CPEs: 11EXPL: 0CVE-1999-0590
https://notcve.org/view.php?id=CVE-1999-0590
04 Feb 2000 — A system does not present an appropriate legal message or warning to a user who is accessing it. • http://ciac.llnl.gov/ciac/bulletins/j-043.shtml •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2000-0129 – Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut
https://notcve.org/view.php?id=CVE-2000-0129
04 Feb 2000 — Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. • https://www.exploit-db.com/exploits/19743 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-1999-1104
https://notcve.org/view.php?id=CVE-1999-1104
31 Dec 1999 — Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. • http://marc.info/?l=bugtraq&m=87602167418931&w=2 •
CVSS: 7.5EPSS: 36%CPEs: 1EXPL: 0CVE-1999-1105
https://notcve.org/view.php?id=CVE-1999-1105
31 Dec 1999 — Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. • http://www.iss.net/security_center/static/7231.php •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0975 – Microsoft Windows 95/98/NT 4.0 - Help File Backdoor
https://notcve.org/view.php?id=CVE-1999-0975
10 Dec 1999 — The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. • https://www.exploit-db.com/exploits/19673 •
CVSS: 7.8EPSS: 24%CPEs: 2EXPL: 0CVE-1999-0387
https://notcve.org/view.php?id=CVE-1999-0387
29 Nov 1999 — A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ168115 • CWE-255: Credentials Management Errors •
CVSS: 9.8EPSS: 24%CPEs: 2EXPL: 2CVE-2000-0330 – Microsoft Windows 95/98 - UNC Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0330
12 Nov 1999 — The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability. • https://www.exploit-db.com/exploits/19607 •
CVSS: 9.1EPSS: 5%CPEs: 10EXPL: 0CVE-1999-0909
https://notcve.org/view.php?id=CVE-1999-0909
20 Sep 1999 — Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ238453 • CWE-264: Permissions, Privileges, and Access Controls •