Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1577 | 1 Cscope | 1 Cscope | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file.
|
|||||
| CVE-2008-5754 | 1 Bpftp | 1 Bulletproof Ftp Client | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.
|
|||||
| CVE-2008-5408 | 1 Symantec | 1 Backup Exec For Windows Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2008-5407.
|
|||||
| CVE-2007-4792 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2007-1580 | 1 Ftpdmin | 1 Ftpdmin | 2025-04-09 | 6.3 MEDIUM | N/A |
|
FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using "//A:". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument.
|
|||||
| CVE-2009-2830 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.
|
|||||
| CVE-2009-0888 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0889.
|
|||||
| CVE-2008-0509 | 1 Ibm | 1 Aix | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.
|
|||||
| CVE-2006-6500 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.
|
|||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
|
|||||
| CVE-2007-4343 | 1 Irfanview | 1 Irfanview | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.
|
|||||
| CVE-2009-1627 | 1 Sdp Multimedia | 1 Streaming Download Project | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Streaming Download Project (SDP) Downloader 2.3.0 allows remote attackers to execute arbitrary code via a long .asf URL in the HREF attribute of a REF element in a .asx file.
|
|||||
| CVE-2009-0196 | 1 Ghostscript | 1 Ghostscript | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.
|
|||||
| CVE-2009-1647 | 1 Ultrafunk | 1 Popcorn | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-1372 | 1 Clamav | 1 Clamav | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
|
|||||
| CVE-2008-1461 | 1 Xnview | 1 Xnview | 2025-04-09 | 7.6 HIGH | N/A |
|
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
|
|||||
| CVE-2008-4201 | 1 Audiocoding | 1 Faad2 | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in the decodeMP4file function (frontend/main.c) in FAAD2 2.6.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MPEG-4 (MP4) file.
|
|||||
| CVE-2008-4402 | 1 Trend Micro | 1 Officescan | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2008-2426 | 1 Carsten Haitzler | 1 Imlib2 | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c.
|
|||||
| CVE-2007-2867 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.
|
|||||
| CVE-2007-4066 | 1 Xiph.org | 1 Libvorbis | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
|
|||||
| CVE-2009-1029 | 1 Poppeeper | 1 Pop Peeper | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
|
|||||
| CVE-2007-5279 | 1 Conexware | 1 Powerarchiver | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive.
|
|||||
| CVE-2008-6070 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-6363 | 1 Capilano | 1 Designworks | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to execute arbitrary code via a crafted .cct file. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-4827 | 3 Componentone, Sap, Servantix | 4 Sizerone, Sap Gui, Tabone and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions.
|
|||||
| CVE-2009-1071 | 1 Randomsoftware | 1 Icarus | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
|
|||||
| CVE-2007-4734 | 1 Ots Labs | 1 Otsturntables | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
|
|||||
| CVE-2009-2798 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
|
|||||
| CVE-2008-1109 | 1 Gnome | 1 Evolution | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
|
|||||
| CVE-2009-2632 | 1 Cmu | 1 Cyrus Imap Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
|
|||||
| CVE-2007-6063 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.
|
|||||
| CVE-2009-1897 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.9 MEDIUM | N/A |
|
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
|
|||||
| CVE-2009-0195 | 3 Apple, Foolabs, Glyphandcog | 3 Cups, Xpdf, Xpdfreader | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
|
|||||
| CVE-2009-4501 | 1 Zabbix | 1 Zabbix | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword.
|
|||||
| CVE-2007-4795 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.
|
|||||
| CVE-2008-2240 | 1 Ibm | 1 Lotus Domino | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
|
|||||
| CVE-2007-6228 | 1 Yahoo | 1 Toolbar | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method.
|
|||||
| CVE-2009-1439 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.8 HIGH | N/A |
|
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
|
|||||
| CVE-2008-5381 | 1 Ffdshow-tryout | 1 Ffdshow | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) before SVN revision 2347 allows remote attackers to execute arbitrary code via a long URL.
|
|||||