Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3408 | 1 Coolplayer | 1 Coolplayer | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file. | |||||
| CVE-2006-3738 | 1 Openssl | 1 Openssl | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. | |||||
| CVE-2008-2097 | 1 Vmware | 2 Esx, Esxi | 2025-04-09 | 9.0 HIGH | N/A |
| Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length." | |||||
| CVE-2008-6899 | 1 Freesshd | 1 Freesshd | 2025-04-09 | 9.0 HIGH | N/A |
| Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command. | |||||
| CVE-2007-6227 | 1 Qemu | 1 Qemu | 2025-04-09 | 7.2 HIGH | N/A |
| QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com. | |||||
| CVE-2007-5070 | 1 Quiksoft | 1 Easymail Messageprinter Object | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX control in emprint.DLL 6.0.1.0 in the Quiksoft EasyMail MessagePrinter Object allows remote attackers to execute arbitrary code via a long string in the first argument to the SetFont method. | |||||
| CVE-2009-2961 | 1 Kolmck | 1 Kol Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file. | |||||
| CVE-2009-4420 | 1 F5 | 3 Big-ip Application Security Manager, Big-ip Protocol Security Manager, Big-ip Protocol Security Module | 2025-04-09 | 7.8 HIGH | N/A |
| Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5381 | 1 Cisco | 1 Ios | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. | |||||
| CVE-2008-1083 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Server 2008 and 2 more | 2025-04-09 | 9.3 HIGH | 8.1 HIGH |
| Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability." | |||||
| CVE-2009-3235 | 1 Dovecot | 1 Dovecot | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. | |||||
| CVE-2009-2986 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-5507 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.4 MEDIUM | N/A |
| The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22. | |||||
| CVE-2007-5543 | 1 Miranda-im | 1 Miranda Im | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590. | |||||
| CVE-2008-2514 | 1 Ibm | 1 Aix | 2025-04-09 | 4.6 MEDIUM | N/A |
| Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2007-5155 | 1 Iceows | 1 Iceows | 2025-04-09 | 9.3 HIGH | N/A |
| IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow. | |||||
| CVE-2008-5242 | 1 Xine | 1 Xine-lib | 2025-04-09 | 6.8 MEDIUM | N/A |
| demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSD_ATOM atom allocation, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted media file. | |||||
| CVE-2007-5029 | 1 Dibbler | 1 Dibbler | 2025-04-09 | 5.0 MEDIUM | N/A |
| Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in SrvMessages/SrvMsg.cpp when (1) reading the option code and option length and (2) parsing options. | |||||
| CVE-2008-0108 | 1 Microsoft | 2 Office, Works | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | |||||
| CVE-2007-4004 | 1 Ibm | 1 Aix | 2025-04-09 | 6.9 MEDIUM | N/A |
| Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries. | |||||