Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1382 | 1 Instantservers Inc. | 1 Ismail | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. | |||||
| CVE-2006-4777 | 1 Microsoft | 1 Ie | 2025-04-03 | 7.6 HIGH | N/A |
| Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446. | |||||
| CVE-2005-3191 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index. | |||||
| CVE-2003-1377 | 1 Sircd | 1 Sircd | 2025-04-03 | 8.3 HIGH | N/A |
| Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname. | |||||
| CVE-2006-2238 | 1 Apple | 1 Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue. | |||||
| CVE-2003-1339 | 1 Ezmeeting | 1 Ezmeeting | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | |||||
| CVE-2006-3581 | 1 Audacious Media Player Team | 1 Adplug | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files. | |||||
| CVE-2006-1368 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. | |||||
| CVE-2006-2439 | 1 Zipcentral | 1 Zipcentral | 2025-04-03 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. | |||||
| CVE-2005-3863 | 1 Ktools | 1 Ktools | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro. | |||||
| CVE-2006-3086 | 1 Microsoft | 1 Hyperlink Object Library | 2025-04-03 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059. | |||||
| CVE-2006-3463 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.8 HIGH | N/A |
| The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop. | |||||
| CVE-2003-1484 | 1 Microsoft | 1 Ie | 2025-04-03 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | |||||
| CVE-2005-3354 | 1 Sylpheed | 1 Sylpheed | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines. | |||||
| CVE-2003-0095 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. | |||||
| CVE-2002-2332 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
| CVE-2002-0813 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
| Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
| CVE-2005-3831 | 1 Speedproject | 3 Speedcommander, Squeez, Zipstar | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. | |||||
| CVE-2002-2271 | 1 Bigfun | 1 Bigfun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | |||||
| CVE-2004-1114 | 1 Skype Technologies | 1 Skype | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777. | |||||