Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3832 | 1 Speedproject | 2 Speedcommander, Squeez | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
|
|||||
| CVE-2006-0481 | 1 Greg Roelofs | 1 Libpng | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
|
|||||
| CVE-2006-3462 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.
|
|||||
| CVE-2005-4048 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
|
|||||
| CVE-2005-2341 | 1 Rim | 2 Blackberry Attachment Service, Blackberry Enterprise Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
|
|||||
| CVE-2006-3838 | 1 Eiqnetworks | 1 Enterprise Security Analyzer | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDE ...
|
|||||
| CVE-2006-0021 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 7.8 HIGH | N/A |
|
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
|
|||||
| CVE-2006-2108 | 1 Oce North America | 2 3121 Printer, 3122 Printer | 2025-04-03 | 7.8 HIGH | N/A |
|
parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow.
|
|||||
| CVE-2005-4864 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
|
|||||
| CVE-2006-2200 | 2 Mimms, Xine | 2 Mimms, Xine-lib | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions.
|
|||||
| CVE-2006-2238 | 1 Apple | 1 Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue.
|
|||||
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values.
|
|||||
| CVE-2004-0123 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
|||||
| CVE-2005-3485 | 1 Glider | 1 Collectn Kill | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.
|
|||||
| CVE-1999-0069 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
|
Solaris ufsrestore buffer overflow.
|
|||||
| CVE-2003-1464 | 1 Siemens | 2 M45, S45 | 2025-04-03 | 7.8 HIGH | N/A |
|
Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.
|
|||||
| CVE-2005-3354 | 1 Sylpheed | 1 Sylpheed | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
|
|||||
| CVE-2004-2728 | 1 Hummingbird | 1 Connectivity | 2025-04-03 | 3.5 LOW | N/A |
|
Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command.
|
|||||
| CVE-2005-3314 | 1 Novell | 1 Netmail | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
|
|||||
| CVE-2004-0368 | 3 Ibm, Open Group, Xi Graphics | 3 Aix, Cde Common Desktop Environment, Dextop | 2025-04-03 | 10.0 HIGH | N/A |
|
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
|
|||||
| CVE-2005-0504 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
|
|||||
| CVE-2003-1508 | 1 Mirc | 1 Mirc | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.
|
|||||
| CVE-2005-3192 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor, allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field.
|
|||||
| CVE-2003-1407 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
|
|||||
| CVE-2005-4267 | 1 Qualcomm | 1 Worldmail | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
|
|||||
| CVE-2004-0836 | 2 Debian, Oracle | 2 Debian Linux, Mysql | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
|
|||||
| CVE-2006-3632 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
|
|||||
| CVE-2001-0629 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 10.0 HIGH | N/A |
|
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain additional privileges via a buffer overflow attack in the '-restore_config' command line parameter.
|
|||||
| CVE-2006-1337 | 1 Mailenable | 1 Mailenable | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication.
|
|||||
| CVE-2006-2297 | 1 Microsoft | 1 Infotech Storage System Library | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.
|
|||||
| CVE-2005-4865 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
|
|||||
| CVE-2006-2026 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 6.5 MEDIUM | N/A |
|
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
|
|||||
| CVE-1999-0876 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
|
|||||
| CVE-2006-3460 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).
|
|||||
| CVE-2005-3831 | 1 Speedproject | 3 Speedcommander, Squeez, Zipstar | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
|
|||||
| CVE-2005-3640 | 1 Floosietek | 1 Ftgate | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
|
|||||
| CVE-2005-4866 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary code by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
|
|||||
| CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 w ...
|
|||||
| CVE-2003-0096 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2025-04-03 | 9.0 HIGH | N/A |
|
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.
|
|||||
| CVE-2003-1557 | 1 Spamassassin | 1 Spamassassin | 2025-04-03 | 7.6 HIGH | N/A |
|
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters.
|
|||||