Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3182 | 1 Speedbit | 1 Download Accelerator Plus | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL. | |||||
| CVE-2008-1925 | 1 Inspircd | 1 Inspircd | 2025-04-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote attackers to cause a denial of service (daemon crash) via a large number of channel users with crafted nicknames, idents, and long hostnames. | |||||
| CVE-2007-6109 | 1 Gnu | 1 Emacs | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line. | |||||
| CVE-2008-2408 | 1 Ceruleanstudios | 1 Trillian Pro | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. | |||||
| CVE-2008-3642 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile. | |||||
| CVE-2009-3170 | 1 Aimp | 1 Aimp2 Audio Converter | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file. | |||||
| CVE-2009-4171 | 1 Yahoo | 1 Messenger | 2025-04-09 | 4.3 MEDIUM | N/A |
| An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument. | |||||
| CVE-2008-3338 | 1 Tibco | 4 Hawk, Iprocess Engine, Mainframe Service Tracker and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message. | |||||
| CVE-2008-6846 | 1 Avast | 1 Avast Antivirus | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file. | |||||
| CVE-2009-1356 | 1 Elecard | 1 Elecard Avc Hd Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file. | |||||
| CVE-2009-1722 | 1 Openexr | 1 Openexr | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-6684 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2357 | 1 Matt Kimball And Roger Wolff | 1 Mtr | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so, then this should not be treated as a vulnerability in mtr. | |||||
| CVE-2009-2817 | 1 Apple | 1 Itunes | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | |||||
| CVE-2008-1944 | 2 Redhat, Xensource | 4 Desktop, Enterprise Linux, Virtualization Server and 1 more | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of messages." | |||||
| CVE-2007-5652 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.8 HIGH | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
| CVE-2008-6821 | 1 Ibm | 1 Db2 | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, a different vulnerability than CVE-2007-3676 and CVE-2008-3853. | |||||
| CVE-2008-5050 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | 9.3 HIGH | N/A |
| Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow. | |||||
| CVE-2009-0323 | 1 W3 | 1 Amaya | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005. | |||||
| CVE-2008-0047 | 2 Apple, Cups | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | |||||