Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2541 | 1 Ca | 1 Etrust Secure Content Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command.
|
|||||
| CVE-2008-0912 | 1 Sybase | 2 Mobilink, Sql Anywhere | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-6377 | 1 Badblue | 1 Badblue | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.
|
|||||
| CVE-2007-2418 | 1 Cerulean Studios | 1 Trillian Pro | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.
|
|||||
| CVE-2009-0410 | 1 Novell | 1 Groupwise | 2025-04-09 | 10.0 HIGH | N/A |
|
Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.
|
|||||
| CVE-2008-0646 | 2 Deluge Team, Rasterbar Software | 2 Deluge, Libtorrent | 2025-04-09 | 7.8 HIGH | N/A |
|
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message.
|
|||||
| CVE-2007-4812 | 1 Apple | 1 Safari | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.
|
|||||
| CVE-2009-3476 | 1 Internet2 | 3 Opensaml, Shibboleth-sp, Xmltooling | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL.
|
|||||
| CVE-2009-0176 | 1 Research In Motion Limited | 3 Blackberry Enterprise Server, Blackberry Professional Software, Blackberry Unite | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
|
|||||
| CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
|
|||||
| CVE-2008-5048 | 1 Isecsoft | 1 Anti-trojan Elite | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL.
|
|||||
| CVE-2009-2193 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet.
|
|||||
| CVE-2008-6071 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2006-7222 | 1 Guliverkli | 1 Media Player Classic | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to execute arbitrary code via a crafted FLI file.
|
|||||
| CVE-2008-2363 | 1 Pan | 1 Pan | 2025-04-09 | 9.3 HIGH | N/A |
|
The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow.
|
|||||
| CVE-2009-0185 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
|
|||||
| CVE-2007-5929 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 9.0 HIGH | N/A |
|
Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption.
|
|||||
| CVE-2008-5406 | 1 Apple | 2 Itunes, Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."
|
|||||
| CVE-2007-6701 | 2 Microsoft, Novell | 2 Windows, Client | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
|
|||||
| CVE-2009-3853 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet.
|
|||||
| CVE-2008-0625 | 1 Yahoo | 1 Music Jukebox | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method.
|
|||||
| CVE-2008-4572 | 1 Guildftpd | 1 Guildftpd | 2025-04-09 | 10.0 HIGH | N/A |
|
GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow.
|
|||||
| CVE-2007-0074 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.
|
|||||
| CVE-2009-3996 | 2 Nullsoft, Raphael Assenat | 2 Winamp, Libmikmod | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
|
|||||
| CVE-2008-0747 | 1 Cowon America | 1 Jetaudio Basic | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
|
|||||
| CVE-2007-1470 | 1 Netsw | 1 Libftp | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote attackers to execute arbitrary code via certain long arguments to the (1) FtpArchie, (2) FtpDebugDebug, (3) FtpOpenDir, (4) FtpSize, or (5) FtpChmod function.
|
|||||
| CVE-2008-5386 | 1 Ibm | 1 Aix | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2009-1868 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
|
|||||
| CVE-2007-4823 | 1 Google | 1 Picasa | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
|
|||||
| CVE-2008-4539 | 4 Canonical, Debian, Kvm Qumranet and 1 more | 4 Ubuntu Linux, Debian Linux, Kvm and 1 more | 2025-04-09 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
|
|||||
| CVE-2007-3832 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring.
|
|||||
| CVE-2008-2573 | 1 Freesshd | 1 Freesshd | 2025-04-09 | 8.5 HIGH | N/A |
|
Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
|
|||||
| CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
|
|||||
| CVE-2007-4033 | 2 Php, T1lib | 2 Php, T1lib | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
|
|||||
| CVE-2009-0512 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0888, and CVE-2009-0889.
|
|||||
| CVE-2009-1382 | 1 Forkosh | 1 Mimetex | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.
|
|||||
| CVE-2007-5137 | 1 Tcl Tk | 1 Tcl Tk | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
|
|||||
| CVE-2008-5354 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry.
|
|||||
| CVE-2009-0175 | 1 Heathcosoft | 1 Mp3 Trackmaker | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.
|
|||||
| CVE-2009-4251 | 1 Corel | 1 Paint Shop Pro | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
|
|||||