Total
12268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | |||||
| CVE-2003-1464 | 1 Siemens | 2 M45, S45 | 2025-04-03 | 7.8 HIGH | N/A |
| Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name. | |||||
| CVE-2006-3460 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize). | |||||
| CVE-1999-0027 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in eject command on SGI IRIX systems. | |||||
| CVE-2006-1857 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 9.0 HIGH | N/A |
| Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. | |||||
| CVE-2006-3638 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." | |||||
| CVE-2006-0966 | 1 Ncp Network Communications | 1 Secure Client | 2025-04-03 | 2.1 LOW | N/A |
| NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow. | |||||
| CVE-2004-0836 | 2 Debian, Oracle | 2 Debian Linux, Mysql | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | |||||
| CVE-2002-2232 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2025-04-03 | 8.5 HIGH | N/A |
| Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command. | |||||
| CVE-2006-2297 | 1 Microsoft | 1 Infotech Storage System Library | 2025-04-03 | 4.0 MEDIUM | N/A |
| Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling. | |||||
| CVE-2006-3146 | 2 Microsoft, Toshiba | 2 Windows, Bluetooth Stack | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23. | |||||
| CVE-2002-2404 | 1 Curtis Specialty Consulting | 1 Iispop | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110). | |||||
| CVE-2005-4863 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. | |||||
| CVE-2006-2407 | 3 Freeftpd, Freesshd, Weonlydo | 3 Freeftpd, Freesshd, Wodsshserver | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. | |||||
| CVE-2003-1360 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. | |||||
| CVE-2005-2856 | 1 Winace | 1 Winace | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive. | |||||
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | |||||
| CVE-2006-0301 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. | |||||
| CVE-2006-0010 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. | |||||
| CVE-2006-2898 | 1 Digium | 1 Asterisk | 2025-04-03 | 7.5 HIGH | N/A |
| The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negative length check. NOTE: the vendor advisory claims that only a DoS is possible, but the original researcher is reliable. | |||||