Total
12539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4395 | 2 Linux, Ubuntu | 2 Linux Kernel, Linux Kernel | 2025-04-09 | 8.3 HIGH | N/A |
| Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs. | |||||
| CVE-2007-5029 | 1 Dibbler | 1 Dibbler | 2025-04-09 | 5.0 MEDIUM | N/A |
| Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in SrvMessages/SrvMsg.cpp when (1) reading the option code and option length and (2) parsing options. | |||||
| CVE-2009-2406 | 1 Linux | 2 Kernel, Linux Kernel | 2025-04-09 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. | |||||
| CVE-2007-3180 | 1 Hp | 1 Help And Support Center | 2025-04-09 | 9.4 HIGH | N/A |
| Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors. | |||||
| CVE-2008-3389 | 3 Hp, Ingres, Linux | 3 Hp-ux, Ingres, Linux Kernel | 2025-04-09 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport. | |||||
| CVE-2009-3170 | 1 Aimp | 1 Aimp2 Audio Converter | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file. | |||||
| CVE-2007-0444 | 1 Citrix | 2 Metaframe, Metaframe Presentation Server | 2025-04-09 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions. | |||||
| CVE-2009-1641 | 1 Mini-stream | 1 Ripper | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. | |||||
| CVE-2009-1726 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile. | |||||
| CVE-2009-1642 | 1 Mini-stream | 1 Mini-stream To Mp3 Converter | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7." | |||||
| CVE-2007-5935 | 2 Tetex, Tug | 2 Tetex, Texlive 2007 | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | |||||
| CVE-2009-3969 | 1 Faslo | 1 Faslo Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2007-0447 | 1 Symantec | 13 Antivirus Scan Engine, Brightmail Antispam, Client Security and 10 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | |||||
| CVE-2008-1083 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Server 2008 and 2 more | 2025-04-09 | 9.3 HIGH | 8.1 HIGH |
| Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability." | |||||
| CVE-2007-3454 | 1 Trend Micro | 1 Officescan | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library. | |||||
| CVE-2009-0885 | 1 Mediacommands | 1 Media Commands | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file. | |||||
| CVE-2007-5601 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. | |||||
| CVE-2008-1670 | 1 Kde | 1 Kde | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image. | |||||
| CVE-2008-0152 | 1 Seattle Lab Software | 1 Slnet Rf Telnet Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode. | |||||
| CVE-2008-2468 | 1 Landesk | 3 Landesk Management Suite, Landesk Security Suite, Landesk Server Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments. | |||||