Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5169 | 1 Adobe | 1 Pagemaker | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows allows user-assisted remote attackers to execute arbitrary code via a long font name in a .PMD file.
|
|||||
| CVE-2008-1925 | 1 Inspircd | 1 Inspircd | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote attackers to cause a denial of service (daemon crash) via a large number of channel users with crafted nicknames, idents, and long hostnames.
|
|||||
| CVE-2007-5365 | 5 Debian, Openbsd, Redhat and 2 more | 7 Debian Linux, Openbsd, Enterprise Linux and 4 more | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
|
|||||
| CVE-2007-5263 | 1 Battlefront | 1 Dropteam | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via (1) a crafted "0x5c" packet or (2) many 32-bit numbers in a "0x18" packet, or cause a denial of service (crash) via (3) a large "0x4b" packet.
|
|||||
| CVE-2009-0261 | 1 Effectmatrix | 1 Total Video Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.
|
|||||
| CVE-2007-0041 | 1 Microsoft | 5 .net Framework, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
|
|||||
| CVE-2007-6681 | 1 Videolan | 1 Vlc | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
|
|||||
| CVE-2008-3338 | 1 Tibco | 4 Hawk, Iprocess Engine, Mainframe Service Tracker and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message.
|
|||||
| CVE-2009-3483 | 1 Globalscape | 1 Cuteftp | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label.
|
|||||
| CVE-2008-4563 | 2 Ibm, Microsoft | 3 Tivoli Storage Manager, Tivoli Storage Manager Express, Windows | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.
|
|||||
| CVE-2007-5257 | 1 Edraw | 1 Office Viewer Component | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a different vector than CVE-2007-4821 and CVE-2007-3169.
|
|||||
| CVE-2008-0056 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager.
|
|||||
| CVE-2007-0718 | 1 Apple | 1 Quicktime | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime assumes that a color table exists.
|
|||||
| CVE-2008-2959 | 1 Microsoft | 1 Visual Basic Enterprise Edition | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.
|
|||||
| CVE-2007-5941 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.
|
|||||
| CVE-2008-4193 | 1 Alt-n | 1 Securitygateway | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
|
|||||
| CVE-2009-3428 | 1 Otbcode | 1 Easy Music Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
|
|||||
| CVE-2009-2364 | 1 Mp3-nator | 1 Mp3-nator | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers to execute arbitrary code via (1) a long string in a .plf file and (2) a long string in the listdata.dat file, possibly related to a track entry.
|
|||||
| CVE-2007-5378 | 1 Tcl Tk | 1 Tk Toolkit | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is smaller than a subsequent subimage, which triggers the overflow in the ReadImage function, a different vulnerability than CVE-2007-5137.
|
|||||
| CVE-2009-4313 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
|
ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file.
|
|||||
| CVE-2009-0376 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Exp ...
Show More |
|||||
| CVE-2009-4549 | 1 Cdmi | 1 A2 Media Player Pro | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file.
|
|||||
| CVE-2008-5401 | 2 Cerulean Studios, Ceruleanstudios | 4 Trillian, Trillian Pro, Trillian and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
|
|||||
| CVE-2009-0824 | 1 Slysoft | 4 Anydvd, Clonecd, Clonedvd and 1 more | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.
|
|||||
| CVE-2008-4452 | 1 Cambridge Computer Corporation | 1 Vxftpsrv | 2025-04-09 | 9.0 HIGH | N/A |
|
Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.
|
|||||
| CVE-2007-3680 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.
|
|||||
| CVE-2008-3531 | 1 Freebsd | 1 Freebsd | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions."
|
|||||
| CVE-2007-0460 | 1 Suse | 1 Suse Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."
|
|||||
| CVE-2008-4867 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.
|
|||||
| CVE-2008-2922 | 1 T0pp8uzz | 1 Dana Irc Client | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message.
|
|||||
| CVE-2009-2195 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.
|
|||||
| CVE-2008-4038 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."
|
|||||
| CVE-2008-6444 | 1 Baidu | 1 Baidu Hi | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.
|
|||||
| CVE-2009-3221 | 1 Basicunivers.free.fr | 1 Audio Lib Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file.
|
|||||
| CVE-2009-4361 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-2703 | 1 Pidgin | 2 Libpurple, Pidgin | 2025-04-09 | 5.0 MEDIUM | N/A |
|
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
|
|||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data.
|
|||||
| CVE-2007-2954 | 1 Novell | 1 Client | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
|
|||||
| CVE-2007-5723 | 1 Nufw | 1 Nufw | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-2008 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message.
|
|||||