Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1372 | 1 Bzip | 1 Bzip2 | 2025-04-09 | 4.3 MEDIUM | N/A |
| bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats. | |||||
| CVE-2008-2542 | 1 Nasa Ames Research Center | 1 Bigview | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the getline function in Ppm/ppm.C in NASA Ames Research Center BigView 1.8 allows user-assisted remote attackers to execute arbitrary code via a crafted PNM file. | |||||
| CVE-2008-7177 | 1 Nasm | 1 Netwide Assembler | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. | |||||
| CVE-2006-6133 | 2 Businessobjects, Microsoft | 2 Crystal Reports Xi, Visual Studio .net | 2025-04-09 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file. | |||||
| CVE-2008-2404 | 1 Sun | 1 Java Asp Server | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field. | |||||
| CVE-2009-2685 | 1 Hp | 1 Power Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable. | |||||
| CVE-2008-0778 | 1 Apple | 1 Quicktime | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. | |||||
| CVE-2006-6442 | 1 Aol | 1 Aol Client Software | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument. | |||||
| CVE-2008-1718 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. | |||||
| CVE-2008-7166 | 2 Bittorrent, Utorrent | 2 Bittorrent, Utorrent | 2025-04-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted Range header. NOTE: this is probably a different vulnerability than CVE-2008-0071 and CVE-2008-0364. | |||||
| CVE-2008-2828 | 1 Tmsnc | 1 Tmsnc | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field. | |||||
| CVE-2008-0973 | 1 Double-take Software | 1 Double-take | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field. | |||||
| CVE-2008-7004 | 1 Elog | 1 Elog | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. | |||||
| CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | |||||
| CVE-2008-0621 | 1 Sap | 3 Sapgui, Saplpd, Sapsprint | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. | |||||
| CVE-2009-1800 | 1 Chinagames | 1 Igame | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2304 | 1 Apple | 1 Core Image Fun House | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters. | |||||
| CVE-2009-2404 | 4 Aol, Gnome, Mozilla and 1 more | 7 Instant Messenger, Evolution, Firefox and 4 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. | |||||
| CVE-2007-3340 | 1 Bughunter | 1 Http Server | 2025-04-09 | 7.8 HIGH | N/A |
| BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to cause a denial of service (application crash) via a large number of requests for nonexistent pages. | |||||
| CVE-2009-4097 | 1 Malsmith | 1 Serenity Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information. | |||||