Total
12538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2479 | 1 Mozilla | 1 Firefox | 2025-04-09 | 7.8 HIGH | N/A |
| Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox. | |||||
| CVE-2007-6562 | 1 Tcpreen | 1 Tcpreen | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp. | |||||
| CVE-2007-5395 | 2 Abiword, Link Grammar | 2 Abiword Link Grammar, Link Grammar | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function. | |||||
| CVE-2006-3448 | 1 Microsoft | 1 Step-by-step Interactive Training | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212. | |||||
| CVE-2008-4396 | 1 Safer Networking | 1 Filealyzer | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data. | |||||
| CVE-2009-3700 | 1 Squidguard | 1 Squidguard | 2025-04-09 | 5.0 MEDIUM | N/A |
| Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote attackers to cause a denial of service (application hang or loss of blocking functionality) via a long URL with many / (slash) characters, related to "emergency mode." | |||||
| CVE-2007-2459 | 1 Tony Cook | 1 Imager | 2025-04-09 | 7.8 HIGH | N/A |
| Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files. | |||||
| CVE-2008-1096 | 1 Imagemagick | 2 Graphicsmagick, Imagemagick | 2025-04-09 | 6.8 MEDIUM | N/A |
| The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function. | |||||
| CVE-2008-1920 | 1 Icq | 1 Mirabilis Icq | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in ICQ 6.0 build 6043 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted personal status message. | |||||
| CVE-2007-5070 | 1 Quiksoft | 1 Easymail Messageprinter Object | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX control in emprint.DLL 6.0.1.0 in the Quiksoft EasyMail MessagePrinter Object allows remote attackers to execute arbitrary code via a long string in the first argument to the SetFont method. | |||||
| CVE-2007-5583 | 1 Cisco | 1 Ip Phone 7940 | 2025-04-09 | 7.8 HIGH | N/A |
| Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ("486 Busy" responses or device reboot) via a sequence of SIP INVITE transactions in which the Request-URI lacks a user name, a different vulnerability than CVE-2007-4459. | |||||
| CVE-2007-5487 | 1 Cowon America | 1 Jetaudio | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file. | |||||
| CVE-2009-4180 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | |||||
| CVE-2007-6175 | 1 Lhaplus | 1 Lhaplus | 2025-04-09 | 6.6 MEDIUM | N/A |
| Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048. | |||||
| CVE-2008-5902 | 1 Xrdp | 1 Xrdp | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request. | |||||
| CVE-2007-4793 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-4562 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2007-5548 | 1 Cisco | 1 Ios | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-6609 | 1 Coolplayer | 1 Coolplayer | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1) cTag or (2) cValue field in an OGG Vorbis file. | |||||
| CVE-2007-5360 | 2 Openpegasus, Vmware | 2 Management Server, Esx | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than CVE-2008-0003. | |||||