Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6583 | 1 Bsplayer | 1 Bs.player | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .SRT file.
|
|||||
| CVE-2007-4903 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.
|
|||||
| CVE-2008-0352 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.8 HIGH | N/A |
|
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
|
|||||
| CVE-2009-1129 | 1 Microsoft | 1 Office Powerpoint | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file format, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1128.
|
|||||
| CVE-2009-1866 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2009-1800 | 1 Chinagames | 1 Igame | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-3795 | 1 Ipswitch | 1 Ws Ftp Home | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response."
|
|||||
| CVE-2007-6530 | 3 Groove, Hp, Persits | 3 Virtual Office, Loadrunner, Xupload | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.
|
|||||
| CVE-2007-2582 | 1 Ibm | 1 Db2 | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow."
|
|||||
| CVE-2009-1375 | 1 Pidgin | 1 Pidgin | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol.
|
|||||
| CVE-2008-4556 | 1 Sun | 1 Solaris | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
|
|||||
| CVE-2008-2908 | 1 Novell | 1 Iprint Client | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-1724 | 1 Tumbleweed | 2 Securetransport Server, Securetransport Server App | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter.
|
|||||
| CVE-2008-4052 | 1 Hp | 1 Openvms | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors.
|
|||||
| CVE-2009-1130 | 1 Microsoft | 2 Office, Office Powerpoint | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that causes PowerPoint to read more data than was allocated when creating a C++ object, leading to an overwrite of a function pointer, aka "Heap Corruption Vulnerability."
|
|||||
| CVE-2009-3135 | 1 Microsoft | 4 Office, Office Word, Office Word Viewer and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability."
|
|||||
| CVE-2009-3871 | 2 Microsoft, Sun | 6 Windows, Java Se, Jdk and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
|
|||||
| CVE-2008-0012 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.
|
|||||
| CVE-2009-1944 | 1 Aimp | 1 Aimp | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag.
|
|||||
| CVE-2008-2040 | 1 Peercast | 1 Peercast | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.
|
|||||
| CVE-2009-0215 | 1 Ibm | 1 Access Support Activex Control | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2008-2851 | 1 Offsystem | 1 Offsystem | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers."
|
|||||
| CVE-2008-0027 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
|
|||||
| CVE-2007-6403 | 1 Winamp | 1 Nullsoft Winamp | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
|
|||||
| CVE-2007-6144 | 1 Xunlei | 1 Web Thunder | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-0043 | 1 Microsoft | 5 .net Framework, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability".
|
|||||
| CVE-2008-5032 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
|
|||||
| CVE-2008-0399 | 1 Toshiba | 1 Surveillix | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.
|
|||||
| CVE-2009-0012 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.
|
|||||
| CVE-2009-2375 | 1 Photo-dvd-maker | 1 Photo Dvd Maker | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2006-6125 | 1 Netgear | 1 Wg311v1 | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID.
|
|||||
| CVE-2009-2807 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2009-1284 | 1 Bibtex | 1 Bibtex | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
|
|||||
| CVE-2007-0016 | 1 Netfarer | 1 Movieplay | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file.
|
|||||
| CVE-2008-1490 | 2 Aurigma, Piczo | 2 Image Uploader Activex Control, Imageuploader4 | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
|
|||||
| CVE-2009-0650 | 1 Tptest | 1 Tptest | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-3709 | 1 Konae | 1 Alleycode Html Editor | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a TITLE tag.
|
|||||
| CVE-2008-2745 | 1 Black Ice | 1 Annotation Software | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method.
|
|||||
| CVE-2008-3547 | 1 Openttd | 1 Openttd | 2025-04-09 | 9.0 HIGH | N/A |
|
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
|
|||||
| CVE-2009-0002 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.
|
|||||