Total
2695 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5001 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2025-04-09 | 4.9 MEDIUM | N/A |
| Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. | |||||
| CVE-2007-1531 | 1 Microsoft | 2 Windows Vista, Windows Xp | 2025-04-09 | 5.0 MEDIUM | N/A |
| Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host. | |||||
| CVE-2008-1309 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | 9.3 HIGH | N/A |
| The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory. | |||||
| CVE-2007-2884 | 1 Microsoft | 1 Visual Basic | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field. | |||||
| CVE-2007-6423 | 2 Apache, Microsoft | 2 Http Server, Windows Nt | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue | |||||
| CVE-2008-3013 | 1 Microsoft | 13 Digital Image Suite, Forefront Client Security, Internet Explorer and 10 more | 2025-04-09 | 9.3 HIGH | N/A |
| gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability." | |||||
| CVE-2007-5656 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2025-04-09 | 10.0 HIGH | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory. | |||||
| CVE-2008-4382 | 1 Kde | 1 Konqueror | 2025-04-09 | 5.0 MEDIUM | N/A |
| Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters. | |||||
| CVE-2008-0102 | 1 Microsoft | 1 Publisher | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability." | |||||
| CVE-2007-4985 | 1 Imagemagick | 1 Imagemagick | 2025-04-09 | 4.3 MEDIUM | N/A |
| ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls. | |||||
| CVE-2008-5500 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow. | |||||
| CVE-2008-3134 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file. | |||||
| CVE-2009-1180 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. | |||||
| CVE-2007-3116 | 1 Maradns | 1 Maradns | 2025-04-09 | 5.0 MEDIUM | N/A |
| Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. | |||||
| CVE-2007-5506 | 1 Oracle | 1 Database Server | 2025-04-09 | 7.8 HIGH | N/A |
| The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. | |||||
| CVE-2009-0188 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file. | |||||
| CVE-2008-4844 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008. | |||||
| CVE-2008-1590 | 2 Apple, Webkit | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317. | |||||
| CVE-2009-0075 | 1 Microsoft | 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability." | |||||
| CVE-2009-2858 | 1 Ibm | 1 Db2 | 2025-04-09 | 5.0 MEDIUM | N/A |
| Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure. | |||||