Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3484 | 1 Coreftp | 1 Core Ftp | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0096 | 1 Georgia Softworks | 1 Ssh2 Server | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password. | |||||
| CVE-2009-0894 | 1 Xvid | 1 Xvid | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vectors involving the DirectShow (aka DShow) frontend and improper handling of the XVID_ERR_MEMORY return code during processing of a crafted movie file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5387 | 1 Ibm | 1 Aix | 2025-04-09 | 6.2 MEDIUM | N/A |
| Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. | |||||
| CVE-2007-1682 | 1 Softartisans | 1 Xfile | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method. | |||||
| CVE-2009-0305 | 2 Microsoft, Research In Motion Limited | 2 Internet Explorer, Blackberry Application Web Loader | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method. | |||||
| CVE-2007-0712 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, Windows | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. | |||||
| CVE-2008-5078 | 1 Gnu | 1 Escript | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. | |||||
| CVE-2007-5634 | 2 Almico, Microsoft | 2 Speedfan, Windows Vista | 2025-04-09 | 4.9 MEDIUM | N/A |
| Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause a denial of service (machine crash) and possibly gain privileges via unspecified vectors. | |||||
| CVE-2008-4562 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2008-0747 | 1 Cowon America | 1 Jetaudio Basic | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487. | |||||
| CVE-2007-5198 | 1 Nagios | 1 Plugins | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters. | |||||
| CVE-2009-0228 | 1 Microsoft | 1 Windows 2000 | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka "Buffer Overflow in Print Spooler Vulnerability." | |||||
| CVE-2008-2407 | 1 Ceruleanstudios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message. | |||||
| CVE-2007-3832 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring. | |||||
| CVE-2008-3558 | 1 Cisco | 1 Webex Meeting Manager | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. | |||||
| CVE-2008-3126 | 1 Fujitsu | 1 Serverview | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL. | |||||
| CVE-2007-4037 | 1 Guidance Software | 1 Encase | 2025-04-09 | 4.3 MEDIUM | N/A |
| Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled | |||||
| CVE-2008-3247 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.2 HIGH | N/A |
| The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors. | |||||
| CVE-2009-2832 | 1 Apple | 1 Mac Os X Server | 2025-04-09 | 5.1 MEDIUM | N/A |
| Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool." | |||||