Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0689 | 5 Freebsd, K-meleon Project, Mozilla and 2 more | 6 Freebsd, K-meleon, Firefox and 3 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large ...
Show More |
|||||
| CVE-2008-5662 | 1 Sun | 1 Java Wireless Toolkit For Cldc | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-0608 | 1 Ipswitch | 1 Ws Ftp | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS_FTP 6.1 allows remote attackers to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorded, a different vulnerability than CVE-2007-3823.
|
|||||
| CVE-2009-3848 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.
|
|||||
| CVE-2007-3551 | 1 Bbs100 | 1 Bbs100 | 2025-04-09 | 6.1 MEDIUM | N/A |
|
Buffer overflow in bbs100 before 3.2 allows remote attackers to cause a denial of service (crash) by attempting to login as the Guest user when another Guest user is already logged in, possibly related to the state_login_prompt function in state_login.c.
|
|||||
| CVE-2007-5397 | 1 Activepdf | 1 Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data.
|
|||||
| CVE-2008-0766 | 2 Brooks Internet Software, Microsoft | 3 Rpm Remote Print Manager Elite, Rpm Remote Print Manager Select, Windows | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and earlier (Elite and Select) for Windows allows remote attackers to execute arbitrary code via a long filename in a "Receive data file" LPD command. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-0350 | 1 Merak | 1 Media Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-2994 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2008-0337 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
|
|||||
| CVE-2008-5711 | 1 Facebook | 1 Photouploader | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
|
|||||
| CVE-2007-0348 | 3 Interactual Technologies, Intervideo, Roxio | 3 Interactual Player, Windvd, Cineplayer | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.
|
|||||
| CVE-2007-6302 | 1 Novell | 1 Netmail | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."
|
|||||
| CVE-2008-2932 | 1 Redhat | 1 Adminutil | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929.
|
|||||
| CVE-2008-4391 | 1 Cisco | 1 Wvc54gc | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the SetSource method in the NetCamPlayerWeb11gv2 ActiveX control in NetCamPlayerWeb11gv2.ocx on the Cisco Linksys WVC54GC wireless video camera before firmware 1.25 allows remote attackers to execute arbitrary code via long invalid arguments.
|
|||||
| CVE-2007-0034 | 1 Microsoft | 2 Office, Outlook | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."
|
|||||
| CVE-2009-2363 | 1 Yukudr | 1 Audioplus | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
|
|||||
| CVE-2009-0341 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
|
The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability.
|
|||||
| CVE-2009-4179 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
|
|||||
| CVE-2009-0181 | 1 Vuplayer | 1 Vuplayer | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in VUPlayer allows user-assisted attackers to have an unknown impact via a long file, as demonstrated by a file composed entirely of 'A' characters.
|
|||||
| CVE-2007-5464 | 1 Lfs | 1 Live For Speed | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name.
|
|||||
| CVE-2006-5864 | 1 Gnu | 1 Gv | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
|
|||||
| CVE-2009-1861 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption.
|
|||||
| CVE-2008-5756 | 1 Bpsoft | 1 Hex Workshop | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a long mapping reference in a Color Mapping (.cmap) file.
|
|||||
| CVE-2008-0661 | 1 Illustrate | 1 Dbpoweramp Audio Player | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the same issue as CVE-2004-1569.
|
|||||
| CVE-2008-3522 | 2 Jasper Project, Redhat | 2 Jasper, Enterprise Virtualization | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
|
|||||
| CVE-2008-1661 | 1 Hp | 1 Storageworks Storage Mirroring | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
|
|||||
| CVE-2008-0017 | 3 Canonical, Debian, Mozilla | 4 Ubuntu Linux, Debian Linux, Firefox and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header, which triggers memory corruption and a buffer overflow.
|
|||||
| CVE-2008-0987 | 1 Apple | 4 Aperture, Iphoto, Mac Os X and 1 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
|
|||||
| CVE-2008-1019 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop.
|
|||||
| CVE-2009-2205 | 1 Apple | 5 Java 1.4, Java 1.5, Java 1.6 and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
|
|||||
| CVE-2008-0378 | 1 Nec | 1 Sockscap | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hostname.
|
|||||
| CVE-2009-3338 | 1 Effectmatrix | 1 Magic Morph | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b allows remote attackers to execute arbitrary code via a long string in a .mor file.
|
|||||
| CVE-2008-1628 | 1 Linux | 1 Audit | 2025-04-09 | 4.1 MEDIUM | N/A |
|
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-0565 | 1 Microsoft | 5 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Word and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability."
|
|||||
| CVE-2008-5091 | 1 Novell | 1 Edirectory | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
|
|||||
| CVE-2007-2741 | 1 Littlecms | 1 Lcms | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
|
|||||
| CVE-2009-0491 | 1 Elecard | 1 Elecard Mpeg Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Elecard MPEG Player 5.5 build 15884.081218 allows remote attackers to execute arbitrary code via a M3U file containing a long URL.
|
|||||
| CVE-2009-0583 | 2 Argyllcms, Ghostscript | 2 Argyllcms, Ghostscript | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to ...
Show More |
|||||
| CVE-2007-4665 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403.
|
|||||