Total
13113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3409 | 1 Epic Games | 1 Unreal Tournament 3 | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c. | |||||
| CVE-2007-2741 | 1 Littlecms | 1 Lcms | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file. | |||||
| CVE-2007-5279 | 1 Conexware | 1 Powerarchiver | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive. | |||||
| CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110. | |||||
| CVE-2007-5972 | 1 Mit | 1 Kerberos 5 | 2025-04-09 | 9.0 HIGH | N/A |
| Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key. | |||||
| CVE-2008-5178 | 2 Microsoft, Opera | 2 Windows, Opera | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680. | |||||
| CVE-2007-6697 | 1 Sdl | 1 Sdl Image | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3213 | 1 Broid | 1 Broid | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file. | |||||
| CVE-2008-0036 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding. | |||||
| CVE-2009-2356 | 1 Dan Cahill | 1 Nulllogic Groupware | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the pgsqlQuery function in NullLogic Groupware 1.2.7, when PostgreSQL is used, might allow remote attackers to execute arbitrary code via input to the (1) POP3, (2) SMTP, or (3) web component that triggers a long SQL query. | |||||
| CVE-2008-0365 | 1 Core Security Technologies | 1 Core Force | 2025-04-09 | 7.2 HIGH | N/A |
| Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module. | |||||
| CVE-2007-4776 | 1 Microsoft | 1 Visual Basic | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability. | |||||
| CVE-2009-1291 | 1 Tibco | 4 Enterprise Message Service, Rtworks, Smartsockets and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd. | |||||
| CVE-2009-2997 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-4814 | 1 Microsoft | 1 Sql Server | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method. | |||||
| CVE-2008-0309 | 1 Symantec | 10 Scan Engine, Symantec Antivirus Filtering Domino Mpe, Symantec Antivirus Network Attached Storage and 7 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). | |||||
| CVE-2007-4821 | 1 Edraw | 1 Office Viewer Component | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169. | |||||
| CVE-2007-5327 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum. | |||||
| CVE-2007-3962 | 1 Fsp | 1 C Library | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name directory (dirent) field in the fsp_readdir function. | |||||
| CVE-2007-3294 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf. | |||||