Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2556 | 1 Google | 1 Chrome | 2025-04-09 | 9.3 HIGH | N/A |
| Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation. | |||||
| CVE-2008-7249 | 1 Pedro Lineu Orso | 1 Sarg | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167. | |||||
| CVE-2009-0146 | 3 Apple, Foolabs, Glyphandcog | 3 Cups, Xpdf, Xpdfreader | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. | |||||
| CVE-2009-4500 | 1 Zabbix | 1 Zabbix | 2025-04-09 | 5.0 MEDIUM | N/A |
| The process_trap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference. | |||||
| CVE-2007-6026 | 1 Microsoft | 6 Jet, Office, Windows 2000 and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | |||||
| CVE-2009-0824 | 1 Slysoft | 4 Anydvd, Clonecd, Clonedvd and 1 more | 2025-04-09 | 4.9 MEDIUM | N/A |
| Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call. | |||||
| CVE-2007-6387 | 3 Intuit, Microsoft, Vantage Linquistics | 8 Bookkeeping, Proseries, Quickbooks and 5 more | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-2459 | 1 Tony Cook | 1 Imager | 2025-04-09 | 7.8 HIGH | N/A |
| Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files. | |||||
| CVE-2007-5466 | 1 Extremail | 1 Extremail | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; (3) execute arbitrary code via a long LOGIN command to the admin interface port (4501/tcp); or (4) execute arbitrary code via a long string in an IMAP AUTHENTICATE LOGIN (aka CRAM-MD5 authentication) action, involving the ifProcImapAuth1 function. | |||||
| CVE-2008-1320 | 1 Asg | 1 Asg-sentry | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161. | |||||
| CVE-2007-2418 | 1 Cerulean Studios | 1 Trillian Pro | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | |||||
| CVE-2008-0947 | 1 Mit | 1 Kerberos 5 | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | |||||
| CVE-2008-5030 | 1 Libcaudio | 1 Libcaudio | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data. | |||||
| CVE-2009-1568 | 1 Novell | 1 Iprint Client | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter. | |||||
| CVE-2008-4322 | 1 Realflex Technologies Ltd | 1 Realwin Server | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Server 2.0, as distributed by DATAC, allows remote attackers to execute arbitrary code via a crafted FC_INFOTAG/SET_CONTROL packet. | |||||
| CVE-2009-0779 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." | |||||
| CVE-2009-0065 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. | |||||
| CVE-2008-5358 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 9.3 HIGH | N/A |
| Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll. | |||||
| CVE-2008-0220 | 1 Gateway | 2 Cweblaunchctl Activex Control, Weblaunch | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary code via a long string in the (1) second or (2) fourth argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6115 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | |||||