Total
12475 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-4814 | 1 Microsoft | 1 Sql Server | 2025-04-09 | 7.5 HIGH | N/A |
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method. | |||||
CVE-2007-5848 | 1 Apple | 1 Mac Os X | 2025-04-09 | 7.2 HIGH | N/A |
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. | |||||
CVE-2008-7227 | 1 Geoserver | 1 Geoserver | 2025-04-09 | 5.0 MEDIUM | N/A |
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors. | |||||
CVE-2007-6008 | 1 Autonomy | 3 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-5436 | 1 Gdata | 1 Antivirus | 2025-04-09 | 7.6 HIGH | N/A |
Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting. | |||||
CVE-2009-4097 | 1 Malsmith | 1 Serenity Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-2846 | 2 Avas\!t, Avast\! | 2 Avast\! Antivirus, Avast\! Antivirus | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around." | |||||
CVE-2008-3869 | 1 Sun | 1 Solaris | 2025-04-09 | 10.0 HIGH | N/A |
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. | |||||
CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | |||||
CVE-2007-0449 | 1 Broadcom | 5 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200. | |||||
CVE-2007-4672 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 7.6 HIGH | N/A |
Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. | |||||
CVE-2007-0464 | 2 Apple, Cfnetwork | 2 Mac Os X, Cfnetwork | 2025-04-09 | 5.0 MEDIUM | N/A |
The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. | |||||
CVE-2007-0002 | 1 Libwpd | 1 Libwpd Library | 2025-04-09 | 9.3 HIGH | N/A |
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466. | |||||
CVE-2008-4922 | 2 Djvu, Microsoft | 2 Activex Control For Microsoft Office 2000, Office | 2025-04-09 | 9.3 HIGH | N/A |
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. | |||||
CVE-2008-2932 | 1 Redhat | 1 Adminutil | 2025-04-09 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929. | |||||
CVE-2008-0590 | 1 Progress | 1 Ws Ftp Server | 2025-04-09 | 9.0 HIGH | N/A |
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command. | |||||
CVE-2009-1671 | 1 Sun | 1 Jre | 2025-04-09 | 9.3 HIGH | N/A |
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method. | |||||
CVE-2006-6125 | 1 Netgear | 1 Wg311v1 | 2025-04-09 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID. | |||||
CVE-2009-1251 | 2 Openafs, Unix | 2 Openafs, Unix | 2025-04-09 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays. | |||||
CVE-2009-3809 | 1 Acoustica | 1 Mp3 Audio Mixer | 2025-04-09 | 4.3 MEDIUM | N/A |
Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file. |