Total
13337 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2508 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll. | |||||
| CVE-2007-4568 | 1 X.org | 1 X Font Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. | |||||
| CVE-2007-6613 | 1 Gnu | 1 Libcdio | 2025-04-09 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name. | |||||
| CVE-2008-2021 | 1 Lhaplus | 1 Lhaplus | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive. | |||||
| CVE-2007-6699 | 1 Aol | 1 Ygp Piceditor Activex Control | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values. | |||||
| CVE-2008-0365 | 1 Core Security Technologies | 1 Core Force | 2025-04-09 | 7.2 HIGH | N/A |
| Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module. | |||||
| CVE-2008-2040 | 1 Peercast | 1 Peercast | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password. | |||||
| CVE-2008-0248 | 1 Streamaudio | 1 Chaincast Proxymanager Activex Control | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method. | |||||
| CVE-2008-2851 | 1 Offsystem | 1 Offsystem | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers." | |||||
| CVE-2007-5245 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function. | |||||
| CVE-2009-3345 | 1 Sap | 1 Crystal Reports Server | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-1449 | 1 Coolplayer | 1 Coolplayer | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a skin file (skin.ini) with a large PlaylistSkin parameter. NOTE: this may overlap CVE-2008-5735. | |||||
| CVE-2008-3658 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2009-3135 | 1 Microsoft | 4 Office, Office Word, Office Word Viewer and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability." | |||||
| CVE-2008-5120 | 1 Hp | 1 Openvms | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string. | |||||
| CVE-2007-1659 | 1 Pcre | 1 Pcre | 2025-04-09 | 6.8 MEDIUM | N/A |
| Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | |||||
| CVE-2008-0016 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link. | |||||
| CVE-2009-1389 | 1 Linux | 2 Kernel, Linux Kernel | 2025-04-09 | 7.8 HIGH | N/A |
| Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. | |||||
| CVE-2006-5142 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot. | |||||
| CVE-2008-5297 | 1 Vitalwerks | 1 No-ip Duc | 2025-04-09 | 7.6 HIGH | N/A |
| Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function. | |||||