Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3911 | 1 Bakbone | 1 Netvault Reporter | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests.
|
|||||
| CVE-2009-0150 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.
|
|||||
| CVE-2007-6454 | 1 Peercast | 1 Peercast | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
|
|||||
| CVE-2007-0080 | 1 Freeradius | 1 Freeradius | 2025-04-09 | 6.6 MEDIUM | N/A |
|
Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute
|
|||||
| CVE-2008-2437 | 1 Trend Micro | 2 Client-server-messaging Security, Officescan | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.
|
|||||
| CVE-2009-1059 | 1 Powerzip | 1 Powerzip | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrary code via a crafted .zip file. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
|
|||||
| CVE-2008-1023 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Clip opcode parsing in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file.
|
|||||
| CVE-2009-0663 | 2 Cmu, Perl | 2 Dbd\, Perl | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
|
|||||
| CVE-2007-6007 | 1 Acdsee | 3 Photo Editor, Photo Manager, Pro Photo Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that triggers a heap-based buffer overflow.
|
|||||
| CVE-2008-1102 | 1 Blender | 1 Blender | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image.
|
|||||
| CVE-2007-5381 | 1 Cisco | 1 Ios | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.
|
|||||
| CVE-2008-3546 | 2 Git, Linux | 2 Git, Parduslinux | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
|
|||||
| CVE-2008-2304 | 1 Apple | 1 Core Image Fun House | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.
|
|||||
| CVE-2008-1372 | 1 Bzip | 1 Bzip2 | 2025-04-09 | 4.3 MEDIUM | N/A |
|
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
|||||
| CVE-2009-1154 | 1 Cisco | 1 Ios Xr | 2025-04-09 | 3.3 LOW | N/A |
|
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
|
|||||
| CVE-2008-0630 | 1 Mplayer | 1 Mplayer | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.
|
|||||
| CVE-2009-0386 | 1 Gstreamer | 1 Good Plug-ins | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file.
|
|||||
| CVE-2009-2188 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata.
|
|||||
| CVE-2009-4230 | 1 Ruven Pillay | 1 Iipimage Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-2431 | 1 Novell | 1 Iprint | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPa ...
Show More |
|||||
| CVE-2008-2409 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
|
|||||
| CVE-2008-5078 | 1 Gnu | 1 Escript | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename.
|
|||||
| CVE-2007-6281 | 1 Stbernard | 1 Open File Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager 9.5 allows remote attackers to execute arbitrary code via a long request.
|
|||||
| CVE-2008-5702 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
|
|||||
| CVE-2007-0064 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows Media Format Runtime and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
|
|||||
| CVE-2008-3645 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-6186 | 1 Raidenftpd | 1 Raidenftpd | 2025-04-09 | 9.0 HIGH | N/A |
|
Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via long (1) CWD and (2) MLST commands.
|
|||||
| CVE-2008-5279 | 1 Zilab | 1 Zim Server | 2025-04-09 | 10.0 HIGH | N/A |
|
The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and earlier allow remote attackers to execute arbitrary code via (1) heap-based buffer overflows involving multiple vectors including a long room name and a long source account, and (2) a stack-based buffer overflow with a long username in an information request. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-1441 | 1 Google | 1 Chrome | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap that arrives over the IPC channel.
|
|||||
| CVE-2009-2578 | 1 Google | 1 Chrome | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Google Chrome 2.x through 2.0.172 allows remote attackers to cause a denial of service (application crash) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
|
|||||
| CVE-2008-5049 | 1 Isecsoft | 1 Anti-keylogger Elite | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL.
|
|||||
| CVE-2009-1671 | 1 Sun | 1 Jre | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.
|
|||||
| CVE-2009-2837 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
|
|||||
| CVE-2007-2666 | 2 Notepad\+\+, Scintilla | 2 Notepad\+\+, Scintilla | 2025-04-09 | 7.6 HIGH | N/A |
|
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
|
|||||
| CVE-2008-0053 | 1 Apple | 1 Cups | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
|
|||||
| CVE-2007-0038 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplic ...
Show More |
|||||
| CVE-2008-1358 | 1 Altn | 1 Mdaemon | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
|
|||||
| CVE-2009-0836 | 1 Foxitsoftware | 1 Reader | 2025-04-09 | 10.0 HIGH | N/A |
|
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action.
|
|||||
| CVE-2006-5815 | 1 Proftpd Project | 1 Proftpd | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
|
|||||
| CVE-2008-1031 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
|
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document, related to an uninitialized variable.
|
|||||