Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2379 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 9.3 HIGH | N/A |
|
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
|
|||||
| CVE-2006-4262 | 1 Cscope | 1 Cscope | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.
|
|||||
| CVE-2006-2399 | 1 Outgun | 1 Outgun | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.
|
|||||
| CVE-2006-0710 | 1 Isode | 1 M-vault Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote attackers to execute arbitrary code via a crafted LDAP request, as demonstrated by ProtoVer Sample LDAP.
|
|||||
| CVE-2006-0031 | 1 Microsoft | 1 Office | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.
|
|||||
| CVE-2002-2385 | 1 Hotfoon Corporation | 1 Hotfoon | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
|
|||||
| CVE-2006-0301 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
|
|||||
| CVE-2006-1060 | 1 Xzgv | 1 Xzgv | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.
|
|||||
| CVE-2005-2856 | 1 Winace | 1 Winace | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18. ...
|
|||||
| CVE-2003-1382 | 1 Instantservers Inc. | 1 Ismail | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in ISMail 1.4.3 and earlier allows remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
|
|||||
| CVE-2005-4863 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
|
|||||
| CVE-2002-2268 | 1 Netdave | 1 Webster Http Server | 2025-04-03 | 9.4 HIGH | N/A |
|
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
|
|||||
| CVE-2006-2408 | 1 Raydium | 1 Raydium | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.
|
|||||
| CVE-2005-2127 | 2 Ati, Microsoft | 6 Catalyst Driver, .net Framework, Office and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (a ...
|
|||||
| CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
|
|||||
| CVE-2005-4867 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
|
|||||
| CVE-2005-3185 | 3 Curl, Libcurl, Wget | 3 Curl, Libcurl, Wget | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
|
|||||
| CVE-2005-1812 | 1 Futuresoft | 1 Tftp Server 2000 | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
|
|||||
| CVE-2006-0813 | 1 Winace | 1 Winace | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code via a large header block in an ARJ archive.
|
|||||
| CVE-2006-1902 | 1 Gnu | 1 Gcc | 2025-04-03 | 2.1 LOW | N/A |
|
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers. NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."
|
|||||
| CVE-2003-1397 | 1 Opera | 1 Opera Browser | 2025-04-03 | 4.3 MEDIUM | N/A |
|
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
|
|||||
| CVE-2005-1462 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
|
Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
|
|||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
|
|||||
| CVE-2005-2340 | 1 Apple | 1 Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.
|
|||||
| CVE-2003-1368 | 1 Electrasoft | 1 Ftp Client | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
|
|||||
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
|
|||||
| CVE-2005-4268 | 1 Gnu | 1 Cpio | 2025-04-03 | 3.7 LOW | N/A |
|
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.
|
|||||
| CVE-2002-2253 | 1 Cyrus | 1 Libsieve | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.
|
|||||
| CVE-2005-1123 | 1 Monkey-project | 1 Monkey | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file.
|
|||||
| CVE-2003-1477 | 2 Clearswift, Microsoft | 2 Mailsweeper For Smtp, All Windows | 2025-04-03 | 7.8 HIGH | N/A |
|
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
|
|||||
| CVE-2004-1114 | 1 Skype Technologies | 1 Skype | 2025-04-03 | 9.3 HIGH | N/A |
|
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
|
|||||
| CVE-2006-1985 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.
|
|||||
| CVE-2006-0179 | 1 Cisco | 1 Ip Phone 7940 | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
|
|||||
| CVE-2005-3713 | 1 Apple | 1 Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.
|
|||||
| CVE-2006-0097 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
|
|||||
| CVE-2002-2404 | 1 Curtis Specialty Consulting | 1 Iispop | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).
|
|||||
| CVE-2003-1514 | 1 Emule | 1 Emule | 2025-04-03 | 7.8 HIGH | N/A |
|
eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow.
|
|||||
| CVE-2005-4872 | 1 Pcre | 1 Pcre | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number of named subpatterns, which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.
|
|||||
| CVE-2004-1371 | 1 Oracle | 10 Application Server, Collaboration Suite, Database Server and 7 more | 2025-04-03 | 9.0 HIGH | N/A |
|
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
|
|||||
| CVE-2005-3653 | 2 Broadcom, Ca | 34 Brightstor Arcserve Backup, Brightstor Arcserve Backup Laptops Desktops, Brightstor Portal and 31 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
|
|||||