Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5864 | 1 Gnu | 1 Gv | 2025-04-09 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince. | |||||
| CVE-2007-0009 | 3 Canonical, Debian, Mozilla | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. | |||||
| CVE-2008-1922 | 1 Sarg | 1 Squid Analysis Report Generator | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file. | |||||
| CVE-2007-4759 | 1 Hitachi | 3 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Service Platform | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2008-0532 | 1 Cisco | 3 Acs For Windows, Acs Solution Engine, User Changeable Password | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors. | |||||
| CVE-2008-1472 | 2 Computer Associates, Unicenter | 7 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Unicenter Dsm R11 List Control Atx and 4 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method. | |||||
| CVE-2007-5358 | 1 Digium | 1 Asterisk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files. | |||||
| CVE-2009-3214 | 1 Photodex | 1 Proshow Gold | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields. | |||||
| CVE-2009-4482 | 1 Tversity | 1 Tversity | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by the vd_tversity module in VulnDisco Pack Professional 8.11. NOTE: as of 20091229, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-2980 | 1 Lead Technologies | 2 Leadtools Raster Image Sdk, Leadtools Raster Isis Object | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long DriverName property, a different ActiveX control than CVE-2007-2827. | |||||
| CVE-2009-0928 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. | |||||
| CVE-2007-0005 | 2 Linux, Omnikey.aaitg | 2 Linux Kernel, Omnikey Cardman 4040 | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges. | |||||
| CVE-2008-6005 | 1 W3c | 1 Amaya Web Browser | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs. | |||||
| CVE-2007-2893 | 1 Bochs Project | 1 Bochs | 2025-04-09 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow." | |||||
| CVE-2008-3863 | 1 Gnu | 1 Enscript | 2025-04-09 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command. | |||||
| CVE-2009-0199 | 1 Vmware | 4 Ace, Movie Decoder, Player and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters). | |||||
| CVE-2008-3576 | 1 Openttd | 1 Openttd | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4009 | 1 Powerdns | 1 Recursor | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets. | |||||
| CVE-2007-5083 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow. | |||||
| CVE-2008-2426 | 1 Carsten Haitzler | 1 Imlib2 | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c. | |||||