Total
12541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0066 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | |||||
| CVE-2007-6386 | 1 Trend Micro | 3 Trend Micro Antivirus Plus Antispyware, Trend Micro Internet Security Virus Bust, Trend Micro Internet Security Pro | 2025-04-09 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file. | |||||
| CVE-2007-0906 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825). | |||||
| CVE-2007-3832 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring. | |||||
| CVE-2009-0264 | 1 Fujitsu | 1 Systemcastwizard Lite | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors. | |||||
| CVE-2008-3257 | 3 Bea, Bea Systems, Oracle | 4 Weblogic Server, Apache Connector In Weblogic Server, Weblogic Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request. | |||||
| CVE-2008-4504 | 1 Herosoft | 1 Hero Dvd Player | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Player 3.0.8 allows user-assisted remote attackers to execute arbitrary code via an M3u file with a "long entry." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2025-04-09 | 7.5 HIGH | N/A |
| Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. | |||||
| CVE-2007-4792 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2007-0777 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Seamonkey and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption. | |||||
| CVE-2008-5048 | 1 Isecsoft | 1 Anti-trojan Elite | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL. | |||||
| CVE-2008-2008 | 1 Cerulean Studios | 1 Trillian | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message. | |||||
| CVE-2009-1675 | 1 Electrasoft | 1 32bit Ftp | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 227 reply to a PASV command. | |||||
| CVE-2009-2827 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image. | |||||
| CVE-2008-3878 | 1 Ultrashareware | 1 Ultra Office Control | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method. | |||||
| CVE-2006-5266 | 1 Microsoft | 1 Dynamics Gp | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component. | |||||
| CVE-2009-0511 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0512, CVE-2009-0888, and CVE-2009-0889. | |||||
| CVE-2009-2650 | 1 Sorcerersoftware | 1 Multimedia Jukebox | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 Build 020124 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .m3u or possibly (2) .pst file. | |||||
| CVE-2007-6402 | 2 3ivx, Guliverkli | 2 Mpeg-4 Codec, Media Player Classic | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6401. | |||||
| CVE-2007-5394 | 1 Adobe | 1 Pagemaker | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432. | |||||