Total
12558 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3653 | 2 Broadcom, Ca | 34 Brightstor Arcserve Backup, Brightstor Arcserve Backup Laptops Desktops, Brightstor Portal and 31 more | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | |||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||
| CVE-2006-2026 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 6.5 MEDIUM | N/A |
| Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." | |||||
| CVE-2006-1453 | 1 Apple | 1 Quicktime | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | |||||
| CVE-2006-4262 | 1 Cscope | 1 Cscope | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. | |||||
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | |||||
| CVE-2005-3317 | 1 Zipgenius | 1 Zipgenius | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll. | |||||
| CVE-2005-4444 | 1 David Harris | 1 Pegasus Mail | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply. | |||||
| CVE-2002-2390 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2005-4873 | 1 Cups | 1 Cups | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c. | |||||
| CVE-2003-1375 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | |||||
| CVE-2006-2788 | 1 Mozilla | 1 Firefox | 2025-04-03 | 7.5 HIGH | N/A |
| Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code. | |||||
| CVE-2002-2385 | 1 Hotfoon Corporation | 1 Hotfoon | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. | |||||
| CVE-2004-1114 | 1 Skype Technologies | 1 Skype | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777. | |||||
| CVE-2003-1514 | 1 Emule | 1 Emule | 2025-04-03 | 7.8 HIGH | N/A |
| eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow. | |||||
| CVE-2005-1929 | 1 Trend Micro | 1 Serverprotect | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product. | |||||
| CVE-2006-3146 | 2 Microsoft, Toshiba | 2 Windows, Bluetooth Stack | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23. | |||||
| CVE-2006-2180 | 1 Kmint21 Software | 1 Golden Ftp Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2006-1983 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family. | |||||
| CVE-2006-2408 | 1 Raydium | 1 Raydium | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name. | |||||