Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. | |||||
| CVE-2001-0819 | 1 Fetchmail | 1 Fetchmail | 2025-04-03 | 7.5 HIGH | N/A |
| A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. | |||||
| CVE-2002-2367 | 1 Socks5 | 1 Socks5 | 2025-04-03 | 7.8 HIGH | N/A |
| Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. | |||||
| CVE-2006-2656 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | |||||
| CVE-2005-3534 | 1 Wouter Verhelst | 1 Nbd | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header. | |||||
| CVE-2005-3192 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. | |||||
| CVE-2004-0220 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2005-3483 | 2 Graphon, Microsoft | 2 Go-global, Windows | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size. | |||||
| CVE-2006-3961 | 1 Mcafee | 9 Antispyware, Internet Security Suite, Personal Firewall Plus and 6 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. | |||||
| CVE-1999-0876 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Internet Explorer 4.0 via EMBED tag. | |||||
| CVE-2006-1302 | 1 Microsoft | 2 Excel, Excel Viewer | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability." | |||||
| CVE-2006-0459 | 1 Westes | 1 Flex | 2025-04-03 | 7.5 HIGH | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | |||||
| CVE-2004-1267 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | |||||
| CVE-2005-4807 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. | |||||
| CVE-2005-1775 | 1 Atari | 1 Terminator 3 War Of The Machines | 2025-04-03 | 5.0 MEDIUM | N/A |
| Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname. | |||||
| CVE-2006-3632 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | |||||
| CVE-2006-1337 | 1 Mailenable | 1 Mailenable | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication. | |||||
| CVE-2002-2385 | 1 Hotfoon Corporation | 1 Hotfoon | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. | |||||
| CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 7.5 HIGH | N/A |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | |||||
| CVE-2006-2379 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. | |||||