Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4722 | 1 Move Networks Inc | 1 Move Media Player | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple stack-based buffer overflows in the Quantum Streaming Internet Explorer Player ActiveX control in qsp2ie07051001.dll 1.0.0.1 in Move Media Player allow remote attackers to execute arbitrary code via a long string to the (1) Play and (2) Buzzer methods.
|
|||||
| CVE-2008-2069 | 1 Novell | 1 Groupwise | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI.
|
|||||
| CVE-2009-3859 | 1 Eeye | 2 Retina Network Security Scanner, Retina Wifi Scanner | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry.
|
|||||
| CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.
|
|||||
| CVE-2009-3213 | 1 Broid | 1 Broid | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file.
|
|||||
| CVE-2009-0266 | 1 Trilogic | 1 Media Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2008-2404 | 1 Sun | 1 Java Asp Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field.
|
|||||
| CVE-2008-0401 | 1 Ibm | 1 Tivoli Provisioning Manager Os Deployment | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an HTTP request with a long method string to port 443/tcp.
|
|||||
| CVE-2009-1672 | 1 Sun | 1 Jre | 2025-04-09 | 9.3 HIGH | N/A |
|
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
|
|||||
| CVE-2008-3916 | 1 Gnu | 1 Ed | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.
|
|||||
| CVE-2007-5395 | 2 Abiword, Link Grammar | 2 Abiword Link Grammar, Link Grammar | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.
|
|||||
| CVE-2008-0312 | 2 Microsoft, Symantec | 5 Windows, Norton 360, Norton Antivirus and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-1568 | 1 Novell | 1 Iprint Client | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter.
|
|||||
| CVE-2008-3360 | 1 Intellitamper | 1 Intellitamper | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.
|
|||||
| CVE-2008-5260 | 1 Axis | 1 Axis Camera Control | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.
|
|||||
| CVE-2009-1674 | 1 Microchip | 1 Mplab Ide | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.
|
|||||
| CVE-2008-0959 | 4 Alivemedia, Online Media Technologies, Orion Studios and 1 more | 6 Alive Mp3 Wav Converter, Nctaudioeditor Activex Control, Nctaudiostudio Activex Control and 3 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-4992 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.
|
|||||
| CVE-2009-3994 | 1 Denton Woods | 1 Devil | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c in DevIL 1.7.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted DICOM file.
|
|||||
| CVE-2008-0304 | 3 Linux, Microsoft, Mozilla | 4 Linux Kernel, Windows, Seamonkey and 1 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.
|
|||||
| CVE-2006-4183 | 1 Microsoft | 1 Directx Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.
|
|||||
| CVE-2007-1944 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release [of] a bytebuffer input stream," possibly a double free vulnerability.
|
|||||
| CVE-2008-0064 | 1 Pierreegougelet | 3 Gfl Sdk, Nconvert, Xnview | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
|
|||||
| CVE-2009-4107 | 1 Amplusnet | 1 Invisible Browsing | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
|
|||||
| CVE-2008-5755 | 1 Intellitamper | 1 Intellitamper | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494.
|
|||||
| CVE-2009-2377 | 1 Avax-software | 1 Avax Vector Activex | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property.
|
|||||
| CVE-2008-1021 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding.
|
|||||
| CVE-2007-5394 | 1 Adobe | 1 Pagemaker | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432.
|
|||||
| CVE-2007-4572 | 1 Samba | 1 Samba | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
|
|||||
| CVE-2007-3148 | 1 Yahoo | 1 Messenger | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method.
|
|||||
| CVE-2008-3169 | 1 Empire Server | 1 Empire Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-2983 | 1 Btglobalservices | 1 Bt Consumer Webhelper | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in the British Telecommunications Consumer webhelper ActiveX control before 2.0.0.8 in btwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2009-3484 | 1 Coreftp | 1 Core Ftp | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-2831 | 1 Madwifi | 1 Madwifi | 2025-04-09 | 10.0 HIGH | N/A |
|
Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.
|
|||||
| CVE-2007-4582 | 1 Acti | 1 Network Video Recorder | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method.
|
|||||
| CVE-2008-2001 | 1 Apple | 1 Safari | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference.
|
|||||
| CVE-2008-1018 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.
|
|||||
| CVE-2008-4726 | 1 Goodtechsystems | 1 Goodtech Ssh | 2025-04-09 | 9.0 HIGH | N/A |
|
Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.
|
|||||
| CVE-2008-2709 | 1 Ibm | 1 Os 400 | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios.
|
|||||
| CVE-2008-5233 | 1 Xine | 1 Xine-lib | 2025-04-09 | 4.3 MEDIUM | N/A |
|
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including (1) the mymng_process_header function in demux_mng.c, (2) the open_mod_file function in demux_mod.c, and (3) frame_buffer allocation in the real_parse_audio_specific_data function in demux_real.c, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted media file.
|
|||||