Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5542 | 1 Miranda-im | 1 Miranda Im | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590. | |||||
| CVE-2008-0553 | 1 Tcl Tk | 1 Tcl Tk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484. | |||||
| CVE-2009-0546 | 1 Newsgator | 1 Feeddemon | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file. | |||||
| CVE-2009-0183 | 1 Free Download Manager | 1 Free Download Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request. | |||||
| CVE-2008-3229 | 1 Swapoff | 1 Op | 2025-04-09 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable. | |||||
| CVE-2008-3647 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. | |||||
| CVE-2009-0220 | 1 Microsoft | 1 Office Powerpoint | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file that uses a PowerPoint 4.0 native file format, related to (1) an incorrect calculation from a record header, or (2) an interget that is used to specify the number of bytes to copy, aka "Legacy File Format Vulnerability." | |||||
| CVE-2007-5910 | 4 Activepdf, Autonomy, Ibm and 1 more | 6 Docconverter, Keyview Export Sdk, Keyview Filter Sdk and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file. | |||||
| CVE-2006-6125 | 1 Netgear | 1 Wg311v1 | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID. | |||||
| CVE-2007-3928 | 1 Yahoo | 1 Messenger | 2025-04-09 | 7.6 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638. | |||||
| CVE-2008-4396 | 1 Safer Networking | 1 Filealyzer | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data. | |||||
| CVE-2007-3147 | 1 Yahoo | 1 Messenger | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4124 | 1 Ruby-lang | 1 Ruby | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6631 | 1 Lscube | 1 Libnemesi | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via (1) a reply that begins with a long version string, which triggers an overflow in handle_rtsp_pkt in rtsp_handlers.c; long headers that trigger overflows in (2) send_pause_request, (3) send_play_request, (4) send_setup_request, or (5) send_teardown_request in rtsp_send.c, as demonstrated by the Content-Base header; or a long Transport header, which triggers an overflow in (6) get_transport_str_sctp, (7) get_transport_str_tcp, or (8) get_transport_str_udp in rtsp_transport.c. | |||||
| CVE-2008-1444 | 1 Microsoft | 6 Directx, Windows-nt, Windows 2000 and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." | |||||
| CVE-2009-2206 | 1 Apple | 2 Iphone Os, Ipod Touch | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | |||||
| CVE-2007-0325 | 1 Trend Micro | 2 Client-server-messaging Security, Officescan Corporate Edition | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2008-4771 | 3 4xem, D-link, Vivotek | 3 Vatctrl Class, Mpeg4 Shm Audio Control, Rtsp Mpeg4 Sp Control | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1667 | 1 Mini-stream | 1 Castripper | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137. | |||||
| CVE-2009-1611 | 1 Electrasoft | 1 32bit Ftp | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command. | |||||