Every CVE whose affected-product data names Microsoft Windows 95, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (46)
CVE-2002-1257 — CVSS 10.0 (critical): Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java…
CVE-2000-0305 — CVSS 7.8 (high): Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by…
CVE-1999-0387 — CVSS 7.8 (high): A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
CVE-2000-0330 — CVSS 7.6 (high): The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File…
CVE-1999-1593 — CVSS 7.6 (high): Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a…
CVE-1999-0875 — CVSS 7.5 (high): DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
CVE-1999-0909 — CVSS 7.5 (high): Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the…
CVE-2000-1079 — CVSS 7.5 (high): Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers…
CVE-2001-0238 — CVSS 7.5 (high): Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone…
CVE-2002-0053 — CVSS 7.5 (high): Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause…
CVE-2002-1260 — CVSS 7.5 (high): The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security…
CVE-2005-2388 — CVSS 7.2 (high): Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.
CVE-2000-0155 — CVSS 7.2 (high): Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to…
CVE-2000-0979 — CVSS 6.4 (medium): File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which…
CVE-1999-1254 — CVSS 5.0 (medium): Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which…
CVE-1999-1291 — CVSS 5.0 (medium): TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing…
CVE-2002-1258 — CVSS 5.0 (medium): Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other…
CVE-1999-1105 — CVSS 5.0 (medium): Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in…
CVE-1999-1201 — CVSS 5.0 (medium): Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to…
CVE-2000-0980 — CVSS 5.0 (medium): NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows…
CVE-2000-1039 — CVSS 5.0 (medium): Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP…
CVE-2002-1325 — CVSS 5.0 (medium): Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet…
CVE-1999-0444 — CVSS 5.0 (medium): Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each…
CVE-2000-0168 — CVSS 5.0 (medium): Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka…
CVE-2000-0347 — CVSS 5.0 (medium): Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
CVE-2000-0404 — CVSS 5.0 (medium): The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master…
CVE-2000-0612 — CVSS 5.0 (medium): Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the…
CVE-2000-0742 — CVSS 5.0 (medium): The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping…
CVE-1999-1104 — CVSS 4.6 (medium): Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain…
CVE-1999-0975 — CVSS 4.6 (medium): The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT…
CVE-2002-1692 — CVSS 3.6 (low): Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long…
CVE-2000-1003 — CVSS 2.6 (low): NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to…
CVE-1999-0749 — CVSS 2.6 (low): Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
CVE-2000-0129 — CVSS 2.1 (low): Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a…