Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3360 | 1 Intellitamper | 1 Intellitamper | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494. | |||||
| CVE-2008-0003 | 2 Openpegasus, Redhat | 3 Management Server, Enterprise Linux, Enterprise Linux Desktop | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. | |||||
| CVE-2009-1372 | 1 Clamav | 1 Clamav | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | |||||
| CVE-2007-1087 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.2 HIGH | N/A |
| IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow. | |||||
| CVE-2007-4731 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005. | |||||
| CVE-2008-5281 | 1 South River Technologies | 1 Titan Ftp Server | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command. | |||||
| CVE-2007-1709 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. | |||||
| CVE-2008-2080 | 1 Nasa Goddard Space Flight Center | 1 Common Data Format | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags. | |||||
| CVE-2007-5094 | 1 Ipswitch | 1 Imail | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. | |||||
| CVE-2009-4240 | 1 Ibm | 1 Infosphere Information Server | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors. | |||||
| CVE-2009-2957 | 1 Thekelleys | 1 Dnsmasq | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request. | |||||
| CVE-2009-3428 | 1 Otbcode | 1 Easy Music Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file. | |||||
| CVE-2009-0954 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types. | |||||
| CVE-2007-0243 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. | |||||
| CVE-2009-2362 | 1 Yukudr | 1 Audioplus | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file. | |||||
| CVE-2007-5655 | 1 Tibco | 4 Ems Server, Enterprise Message Service, Rtworks and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers. | |||||
| CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2008-3916 | 1 Gnu | 1 Ed | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. | |||||
| CVE-2007-4793 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-5240 | 1 Xine | 1 Xine-lib | 2025-04-09 | 4.3 MEDIUM | N/A |
| xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value. | |||||