Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3684 | 1 Emc | 1 Documentum Applicationxtender | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606.
|
|||||
| CVE-2009-2404 | 4 Aol, Gnome, Mozilla and 1 more | 7 Instant Messenger, Evolution, Firefox and 4 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.
|
|||||
| CVE-2007-5543 | 1 Miranda-im | 1 Miranda Im | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
|
|||||
| CVE-2008-0957 | 1 Photostockplus | 1 Photostockplus Uploader Tool | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters.
|
|||||
| CVE-2008-1096 | 1 Imagemagick | 2 Graphicsmagick, Imagemagick | 2025-04-09 | 6.8 MEDIUM | N/A |
|
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
|
|||||
| CVE-2009-1182 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
|
|||||
| CVE-2009-0019 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.
|
|||||
| CVE-2007-3928 | 1 Yahoo | 1 Messenger | 2025-04-09 | 7.6 HIGH | N/A |
|
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638.
|
|||||
| CVE-2009-2121 | 1 Google | 1 Chrome | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response.
|
|||||
| CVE-2007-5450 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
|
|||||
| CVE-2008-2050 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
|
|||||
| CVE-2009-0349 | 1 Ftpshell | 1 Ftpshell Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file.
|
|||||
| CVE-2006-6685 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2025-04-09 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2008-4383 | 2 Alcatel, Alcatel-lucent | 2 Aos, Omniswitch | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
|
|||||
| CVE-2008-1207 | 1 Fujitsu | 8 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Standard J and 5 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repository, as used in multiple Fujitsu Interstage products, allow remote attackers to cause a denial of service (daemon crash) via (1) an invalid request or (2) a large amount of data sent to the registered attribute value.
|
|||||
| CVE-2009-0952 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.
|
|||||
| CVE-2008-2097 | 1 Vmware | 2 Esx, Esxi | 2025-04-09 | 9.0 HIGH | N/A |
|
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
|
|||||
| CVE-2007-4217 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
|
|||||
| CVE-2007-4517 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument.
|
|||||
| CVE-2008-3626 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
|
The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the sample_size_table in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.
|
|||||
| CVE-2007-4681 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.
|
|||||
| CVE-2008-4548 | 1 Rtssentry | 1 Rtssentry | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method.
|
|||||
| CVE-2008-0997 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer.
|
|||||
| CVE-2008-1943 | 2 Redhat, Xensource | 4 Desktop, Enterprise Linux, Virtualization Server and 1 more | 2025-04-09 | 2.1 LOW | N/A |
|
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
|
|||||
| CVE-2008-5073 | 1 Novell | 1 Zenworks Desktop Management | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method.
|
|||||
| CVE-2008-5868 | 1 Intellitamper | 1 Intellitamper | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file.
|
|||||
| CVE-2007-0062 | 1 Vmware | 5 Ace, Player, Server and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-m ...
Show More |
|||||
| CVE-2008-5246 | 1 Xine | 1 Xine-lib | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame functions in src/demuxers/id3.c. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2009-3058 | 1 Aksoft | 1 Akplayer | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file.
|
|||||
| CVE-2009-1132 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability."
|
|||||
| CVE-2008-1610 | 1 Tallsoft Quick | 1 Tftp Server Pro | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long mode field in a read or write request.
|
|||||
| CVE-2009-0001 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.
|
|||||
| CVE-2007-2510 | 1 Php | 1 Php | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.
|
|||||
| CVE-2009-2719 | 1 Sun | 1 Java Se | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility Kit (TCK) for the Java Network Launching Protocol (JNLP).
|
|||||
| CVE-2007-0447 | 1 Symantec | 13 Antivirus Scan Engine, Brightmail Antispam, Client Security and 10 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
|
|||||
| CVE-2008-4631 | 1 Myer Sound Laboratories | 1 Muscle | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-0467 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
|
|||||
| CVE-2007-5399 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, rela ...
Show More |
|||||
| CVE-2009-2865 | 1 Cisco | 2 Ios, Unified Communications Manager Express | 2025-04-09 | 7.6 HIGH | N/A |
|
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.
|
|||||
| CVE-2009-0954 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.
|
|||||