Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5081 | 1 Realnetworks | 3 Realone Player, Realplayer, Realplayer Enterprise | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
|
|||||
| CVE-2007-6426 | 1 Emc | 1 Replistor | 2025-04-09 | 7.8 HIGH | N/A |
|
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
|
|||||
| CVE-2007-6435 | 1 Novell | 1 Groupwise | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTML preview of e-mail is enabled, allows user-assisted remote attackers to execute arbitrary code via a long SRC attribute in an IMG element when forwarding or replying to a crafted e-mail.
|
|||||
| CVE-2008-3642 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile.
|
|||||
| CVE-2007-3340 | 1 Bughunter | 1 Http Server | 2025-04-09 | 7.8 HIGH | N/A |
|
BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to cause a denial of service (application crash) via a large number of requests for nonexistent pages.
|
|||||
| CVE-2008-2693 | 1 Black Ice | 1 Barcode Sdk | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method.
|
|||||
| CVE-2009-3896 | 2 F5, Nginx | 2 Nginx, Nginx | 2025-04-09 | 5.0 MEDIUM | N/A |
|
src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
|
|||||
| CVE-2009-3341 | 1 Linksys | 1 Wrt54gl | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2007-6277 | 1 Flac | 1 Libflac | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type ...
Show More |
|||||
| CVE-2007-6386 | 1 Trend Micro | 3 Trend Micro Antivirus Plus Antispyware, Trend Micro Internet Security Virus Bust, Trend Micro Internet Security Pro | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.
|
|||||
| CVE-2007-4677 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values.
|
|||||
| CVE-2007-6357 | 1 Microsoft | 1 Access | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944.
|
|||||
| CVE-2008-1044 | 1 Move Networks Inc | 2 Move Media Player, Qunatum Streaming Player | 2025-04-09 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX control (aka QSP2IE.QSP2IE) in qsp2ie07076007.dll 7.7.6.7 and qsp2ie07074039.dll 7.7.4.39 in Move Media Player allows remote attackers to execute arbitrary code via a long argument to the UploadLogs method, a different vector than CVE-2007-4722. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-1791 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.
|
|||||
| CVE-2007-5326 | 2 Broadcom, Ca | 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2009-0065 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
|
|||||
| CVE-2009-3857 | 1 Softonic | 1 Scite | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used.
|
|||||
| CVE-2007-6516 | 1 Ravware | 1 Flic Activex Control | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote attackers to execute arbitrary code via a long FileName property.
|
|||||
| CVE-2009-4097 | 1 Malsmith | 1 Serenity Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-5699 | 1 Eiqnetworks | 1 Enterprise Security Analyzer | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059.
|
|||||
| CVE-2007-5064 | 1 Xunlei | 1 Web Thunder | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-1864 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2009-4240 | 1 Ibm | 1 Infosphere Information Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors.
|
|||||
| CVE-2008-4750 | 1 Dbsoftlab | 1 Vimp X | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogFile property.
|
|||||
| CVE-2007-1864 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
|
|||||
| CVE-2008-3480 | 1 Anzio | 2 Print Wizard, Web Print Object | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, as used in Anzio Print Wizard, allows remote attackers to execute arbitrary code via a long mainurl parameter.
|
|||||
| CVE-2008-6898 | 1 Saschart | 1 Sascam Webcam Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods.
|
|||||
| CVE-2009-4420 | 1 F5 | 3 Big-ip Application Security Manager, Big-ip Protocol Security Manager, Big-ip Protocol Security Module | 2025-04-09 | 7.8 HIGH | N/A |
|
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-3655 | 1 Sun | 1 Jre | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file.
|
|||||
| CVE-2007-4758 | 1 Hitachi | 3 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Service Platform | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-3750 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file.
|
|||||
| CVE-2008-0437 | 2 Hp, Microsoft | 2 Virtual Rooms, Activex | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-6041 | 1 Rigs Of Rogs | 1 Rigs Of Rogs | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code by sending a nickname, then a vehicle name in a MSG2_USE_VEHICLE message, in which the combined length triggers the overflow.
|
|||||
| CVE-2007-1246 | 1 Mplayer | 1 Mplayer | 2025-04-09 | 7.6 HIGH | N/A |
|
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.
|
|||||
| CVE-2007-3897 | 1 Microsoft | 2 Outlook Express, Windows Mail | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
|
|||||
| CVE-2009-2799 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file.
|
|||||
| CVE-2007-1256 | 1 Mozilla | 1 Firefox | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute when linking to another website, a variant of CVE-2007-1092.
|
|||||
| CVE-2008-5231 | 1 Novell | 1 Iprint | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431.
|
|||||
| CVE-2007-6252 | 1 Learn2 | 1 Strunner | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-2846 | 2 Avas\!t, Avast\! | 2 Avast\! Antivirus, Avast\! Antivirus | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."
|
|||||